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Dell  server  consolidation. 

Saves  money.  Saves  space. 

Spells  doom  for  your  old  servers. 
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Dell  |  Enterprise 


Dell  PowerEdge"  Servers  use  Intel'1  Xeon *  Processors. 

Consolidate  with  Dell  and  you'll  need  to  find  a  new  use  for  your  old  servers. 

What  kind  of  server  consolidation  solutions  does  Dell  bring  to  your  enterprise?  Just  what  you'd  expect:  A  legendary  focus  on  you,  the 
customer,  that’s  as  relentless  as  our  focus  on  driving  down  costs.  An  end-to-end  solution  that  saves  you  money  today  and  tomorrow 
by  delivering: 


o  Maximum  flexibility,  manageability,  value  and  price/performance.  Our  new  line  of  PowerEdge""  servers,  powered  by 
Intel®  Xeon®  processors,  that  consistently  rank  at  the  top  of  industry  benchmarks  such  as  TPC*  Collectively  lowering  TCO 
and  accelerating  time  to  ROI. 


«  Optimized  uptime/maximized  investment.  Dell's  new  systems  management  solutions  deploy  software,  tools  and  services 
which  simplify  and  automate  server  systems  administration.  Leveraging  your  IT  resources  and  maximizing  your  IT  dollar. 

«  Server  infrastructure  consolidation  services.  Our  comprehensive  portfolio  includes  consolidation  readiness  assessment, 
consolidation  design  and  transformation,  customer  training  and  certification,  deployment  and  high  availability  support  services. 


Flexible  financing  alternatives.  Dell  gives  you  a  variety  of  financing  avenues  designed  to  help  you  optimize  ROI. 


For  nearly  20  years,  we've  revolutionized  the  way  the  world  buys  and  manages  technology.  Now  find 
out  how  Dell's  direct  approach  can  revolutionize  your  server  consolidation.  To  learn  more  about  the  Dell  ROI 
-L  \  test,  visit  www.dell.com/serverROI  or  call  us  toll-free  at  1-877-434-DELL 


Flexible  solutions  that  can  cut  costs  today  and  tomorrow.  Easy  as 


Call  1-877-434-DELL  or  visit  www.delS.com/seiverROI 

•Pei  TPC  W  100.000  Item  Count  Results  Test,  June  2002  Tot  more  information,  visit  www.tpc  tag  TPC  and  TPC-VV  are  trademarks  o!  the  Transaction  Processing  Performance  Council  Intel,  the  Intel  logo  and  Xeon  aie  trademarks  or  registered  trademark  Corporation  01  its 

subsidiaries  in  the  United  States  and  other  countries  Dell,  the  Dell  logo  and  PowerEdge  are  registered  trademarks  of  the  Dell  Computer  Corporation  ©2002  Oell  Computer  Corporation.  All  rights  reserved 


COMPLIMENTARY  SEMINAR 


Why  IP  Storage? 

How  will  it  affect  your  current  storage  landscape? 

What  do  terms  like  iSCSI,  SOIP,  FCIP,  iFCP  mean  within  your  world? 

Can  I  leverage  my  current  storage  infrastructure? 

Is  IP  Storage  hype  or  reality? 

Network  Storage  University  and  its  industry  leading  storage  partners  can  help  educate  you  on  the  new  and 
much  anticipated  technology  of  IP-based  storage.  New  protocols  such  as  iSCSI,  SOIP,  FCIP,  iFCP  promise  a 
host  of  benefits  to  network  storage  users.  Noted  author  and  consultant,  Jon  William  Toigo  will  lead  this 
seminar  with  an  informative  keynote  speech,  followed  by  presentations  from  the  industry’s  most  leading 
edge  vendors  within  this  space.  The  day  will  conclude  with  a  spirited  roundtable  discussion,  where  attendees 
will  be  encouraged  to  ask  the  tough  questions  of  the  experts  themselves. 


WHO  SHOULD  ATTEND? 


IT  professionals  who  are  responsible  for  ensuring  data  availability  and  for  implementing  an  enterprise  storage 
strategy.  Professionals  who  know  that  smart  technology  decisions  require  the  best  technology  partners. 


WHY  ATTEND  THIS  SEMINAR? 


Learn  more  about  the  latest  IP  storage  protocols  including  iSCSI,  SOIP,  FCIP,  iFCP,  all  of  which  promise  a 
host  of  benefits  to  network  storage  users.  “IP  Storage:  Extending  the  Enterprise”  is  brought  to  you  by  leading 
edge  vendors  who  are  on  the  forefront  of  this  new  frontier.  Cisco,  Network  Appliance,  QLogic  and  Quantum 
will  share  with  you  their  view  of  this  new  technology  and  how  the  use  of  IP  Storage  can  benefit  you  and  your 
company  as  well  as  contribute  to  your  company’s  bottom  line. 


WHERE  AND  WHEN 


TWELVE-CITY  TOUR* 

Los  Angeles,  CA  August  21 
Phoenix,  AZ  August  27 
Denver,  CO 
Dallas,  TX 
Cleveland,  OH 
Boston,  MA 


September  5 
September  17 
September  19 
September  24 


New  York,  NY 
Washington,  DC 
Atlanta,  GA 
Miami,  FL 
Bellevue,  WA 
San  Jose,  CA 


September  26 
October  1 
October  3 
October  10 
October  22 
October  24 


•Locations  for  seminars  yet  to  be  determined. 


AD  ENODTIO,  AB  SCIENTIA 


Find  out  more  information  and  Register  Now: 
www.NetworkStorageU.com  or  call:  1-866-575-8232 
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CROSSROADS 


■  7  Microsoft  and  Cisco  get  ready  for  their  PEAP  show. 

■  7  Storage  vendors  pumping  out  automation  features. 

■  10  Bush  team  lays  out  cybersecurify  plan. 

■  10  Sprint  offering  enhanced  management  for  data  customers. 

■  12  Vendors  offer  up  gear  to  harden  VoIP. 

■  12  Key3Media  drops  N+l  Atlanta,  four  other  events. 

■  17  Amdocs  upgrades  Clarify  suites. 

■  17  Epicentric  making  portals  more  personal. 

■  18  Sun  details  N1,  Linux  desktop  initiatives. 

■  20  HP,  Sun  add  flexibility  to  server  lines. 

■  20  Cisco  [jacks  power  in  switches. 


Infrastructure 

■  23  Fibre  Channel  getting  its 
second  wind. 

■  24  XML  appliances  proliferating. 

■  24  RLX  revs  up  new  blade 
server. 

■  26  Dave  Kearns: 

Can  an  Apple  a  day  really  keep  the 
IT  expert  away? 

Net.Worker 

■  29  Teleworkers  drive  broadband 
market. 

■  29  Tiny  Software  security  pro¬ 
gram  traps  telecommuters'  Trojans. 

■  30  Toni  Kistner:  To  pay  or 

not  to  pay? 

Enterprise 

Applications 

■  35  CA,  BMC  push  portals  for 
management. 

■  35  Software  adds  oomph  to 
Lotus  applications. 

■  36  Entercept  tries  to  save  SQL 
Server. 

■  36  Handsfree  gets  fingers  into 
asset  management. 

■  36  Heroix  adds  automation, 
report  features  to  eQ. 

■  38  Scott  Bradner:  Fixated 
on  faces. 

Service  Providers 

■  41  Wireless  carriers  might  get 
financial  relief  from  FCC. 


■  41  Broadwing  touts  easier  IP 
videoconferences. 

■  42  Interland  stresses  reliability 
of  new  hosting  model. 

■  42  Johna  Till  Johnson: 

How  to  build  a  better  telecom 
organization. 

The  Edge 

■  45  Optical  players  target  metro 
area. 

■  45  Cisco  pumps  up  router 
performance. 

■  46  Nortel  veteran  takes  dive 
into  rough  venture  capital  waters. 

Technology  Update 

■  49  H.263  compresses  video 
over  IP. 

■  49  Steve  Blass:  Ask  Dr. 

Internet. 

■  50  Mark  Gibbs:  Cookies  get 
weird. 

■  50  Keith  Shaw:  Cool  tools, 
gizmos  and  other  neat  stuff. 

Opinions 

■  52  Editorial:  A  cage  for  the 
viruses  that  get  in. 

■  53  Ira  Brodsky:  Enlisting 
networks  to  fight  terror. 

■  53  Thomas  Nolle:  FCC  fails 
at  regulatory  reform. 

■  98  Backspin:  Cranky  and 
gloomy. 

■  98  'Net  Buzz:  If  proxy  ser¬ 
vices  thrive,  Whois  may  become  a 
Whowas. 
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NetwoiMAtald  Fusion 

www.nwfusion.com 

Interactive 

Buzzwords  defined 

After  reading  The  Buzz  Issue,  our  annual  take  on  the  hottest  network 
technologies,  head  online  to  our  Networking  Encyclopedia  for  detailed  defi¬ 
nitions  of  the  technologies  and  standards  profiled,  and  dozens  of  others. 

DocFinder:  2335 

DEMOmobile  2002  Weblog 

Cool  Tools  columnist  Keith  Shaw  was  in  San  Diego  last  week  getting  the 
scoop  on  the  hottest  wireless  and  mobile  products  around.  See  what's  in 
your  wireless  future. 

DocFinder  2237 

More  with  Less 

Learn  how  to  get  the  most  out  of  your  equipment,  staff,  contracts, 
budgets  and  more. 

DocFinder  2336 

Seminars  and  Events 

Convergence  is  a  god 

Voice  and  data  finally  can  be  converged  on  the  only  network  that  matters: 
yours.  Let  keynote  presenter  Steve  Taylor  be  your  guide  as  he  shows  you 
why  the  time  is  now  for  VoIP.  Gome  to  Network  World's  Tech  Update:  "VoIP: 
The  Right  Time  for  a  Rollout"  and  find  out  how  to  greenlight  VoIP  implemen¬ 
tation  today. 

DocFinder  2341 
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Columnists 

Compendium 

Microsoft's  plan  for  reducing  bugs  —  embarrassment 
Fusion  Executive  Editor  Adam  Gaffin  introduces  you  to 
Microsoft  developer  Rob  Fahrni,  who  says  the  embarrass¬ 
ment  of  the  vendor's  many  security  gaffes  is  pushing  devel¬ 
opers  to  do  better. 

DocFinder  2337 

Help  Desk 

The  iPaq  as  a  network  test  tool 
Columnist  Ron  Nutter  helps  a  user  who  wants  to  trou¬ 
bleshoot  his  net  without  dragging  a  laptop  everywhere. 

DocFinder  2338 

SOHO  Tech 

Watch  out,  Windows 

Columnist  James  Gaskin  examines  the  UnitedLinux  group's 
aim  to  consolidate  efforts  and  drive  standards. 

DocFinder  2339 

View  from  The  Edge 

The  next  shoe  to  drop 

Edge  Managing  Editor  Jim  Duffy  notes  how  Lucent  has  fol¬ 
lowed  Nortel,  Tellabs  with  earnings,  warnings  and  reductions. 

DocFinder:  2340 

What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 


Scalable  IP  security  without  breaking  the  bank. 


Meet  the 
Contivity  1000 
Series 

How  do  you  harness  the  power  and  reach  of  the 
Internet  in  a  way  that  provides  security  and 
allows  you  to  scale  your  network?  How  do  you 
do  this  without  breaking  your  IT  budget?  Look 
no  further  than  the  Contivity™  1000  family  with 
Secure  Routing  Technology.  The  Contivity  1000 
Series  enables  businesses  to  easily  build  and  manage  large  VPN  networks,  using 
dynamic  routing  protocols  over  encrypted  tunnels.  In  addition  to  support  for  dynamic 
routing  (RIP  and  OSPF),  it  comes  fully  loaded  with  remote  access  VPN,  site-to-site  VPN, 
firewall,  QoS  and  bandwidth  management.  And  here’s  the  good  part  -  mix-and-match 
services.  You  only  buy  the  services  you  need  initially  and 

Starting 

turn  up  the  rest  when  you're  ready.  It's  as  easy  as  turning  under  $1  000 
on  a  license  key.  No  multiple  boxes.  No  installation 

hassles.  Low  TCO.  The  Contivity  1000  can  be  installed  as  a  stand-alone  IP  access  gateway 
(with  5  free  VPN  tunnels)  or  behind  an  existing  WAN  access  device,  totally  off-loading 
all  security  processing.  For  more  information,  visit  nortelnetworks.com/contivity. 


NORTEL 
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Nortel  Networks,  the  Nortel  Networks  logo,  the  Globemark  and  Contivity  are  all  trademarks  of  Nortel  Networks.  02002  Nortel  Networks.  All  rights  reserved. 
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NetworkWorld 

Microsoft,  Cisco  prepare  for  PEAR  show 


Top  wireless  LAN  worries 

Security  topped  the  list  of  wireless  LAN  concerns  among 
500  Network  World  readers  surveyed  (more  than  one 

response  allowed). 

Encryption  key  and  security  management 

74% 

Troubleshooting,  connectivity  and 
interoperability  problems 

49% 

Poor  network  performance 

48% 

Lack  of  common  wireless  standard 


SOURCE  NW  500  SURVEY  2002 


Find  out  more  results  from  the  survey  at  www.nwfusion.com,  DocFinder:2349 


■  BY  ELLEN  MESSMER,  JOHN 
FONTANA  AND  JOHN  COX 

Microsoft  and  Cisco  this  week 
are  expected  to  detail  how  they 
will  support  an  emerging  IETF 
wireless  security  standard  for 
authentication  that  could  quash 
a  competing  standards  effort. 

Microsoft,  Cisco  and  RSA 
Security  developed  Protected  Ex¬ 
tensible  Authentication  Protocol 
(PEAP)  as  a  way  to  securely  trans¬ 
port  authentication  data,  includ¬ 
ing  passwords,  over  802.11  wire 
less  networks  by  using  tunneling 
between  PEAP  clients  and  an 
authentication  server. 

Like  the  competing  standard 
Tunneled  Transport  Layer  Secur¬ 
ity  (TTLS),  PEAP  makes  it  possi¬ 
ble  to  authenticate  wireless  LAN 
clients  without  requiring  them 
to  have  certificates,  simplifying 
the  architecture  of  secure  wire¬ 
less  LANs. 

This  week  Cisco  will  detail  how 


it  will  include  PEAP  in  its  wireless 
LAN  products,  which  until  now 
have  supported  a  proprietary  pro¬ 
tocol  called  Lightweight  Exten¬ 
sible  Authentication  Protocol 
(LEAP).  Microsoft  added  PEAP 
support  to  Windows  XP  in  a  ser¬ 
vice  pack  released  Sept.  7. 

PEAP’s  progress  casts  a  shadow 
over  the  TTLS  effort,  which  also  is 
on  the  IETF  standards  track.  Funk 


Software  and  Certicom  devel¬ 
oped  TTLS,  predating  PEAP  About 
three  months  ago,  Funk  deployed 
TTLS  in  its  Odyssey  wireless  LAN 
authentication  server  and  the 
client  components  for  TTLS  on 
the  desktop. 

“PEAP  and  TTLS  are  almost 
identical,” says  Joel  Snyder,  senior 
partner  at  consultancy  OpusOne, 
a  Network  World  Global  Test 


Alliance  partner. “It  doesn’t  make 
sense  to  have  both. Its  like  having 
two  sizes  of  floppies.” 

“We  don’t  need  two  stan¬ 
dards,”  agrees  Funk  President 
Paul  Funk,  author  of  TTLS,  who 
says  that  wireless  LAN  product 
providers  Agere  Systems, 
Proxim  and  Avaya  are  support¬ 
ing  Funk’s  work  on  TTLS  at  the 
IETF  Funk  describes  TTLS  as  a 
“superset”  of  PEAP 

The  rivalry  some  suggest,  stems 
from  both  sides  wanting  to  be 
considered  as  originators  of  what 
might  become  an  important  wire¬ 
less  LAN  security  protocol.  The 
victors  could  set  the  course,  while 
the  losers  will  have  to  retool. 

Inside  look 

TTLS  and  PEAP  work  within  the 
framework  of  the  broad-based 
IEEE  802.11  wireless  LAN  stan¬ 
dard  for  authentication  known  as 
802. IX.  PEAP  and  TTLS  each  use 
Transport  Layer  Security  —  which 


is  often  described  as  a  better 
Secure  Sockets  Layer  —  to  set  up 
an  end-toend  tunnel  to  transfer 
the  user’s  credentials,  such  as  a 
password,  without  having  to  use  a 
certificate  on  the  client. 

Together  with  the  wired  equiva¬ 
lent  privacy  (WEP)  encryption 
standard, TTLS  and  PEAP  authen¬ 
ticate  end  users  and  conceal  the 
users’  credentials. 

But  WEP  has  come  under  fire 
from  a  range  of  critics,  and  today 
there  are  many  improved  meth¬ 
ods  in  the  works,  including  WEP2 
and  Temporal  Key  Integrity  Pro¬ 
tocol  (TKIP). 

TTLS  is  better  because  it  is  flexi¬ 
ble  enough  to  support  WEP2  and 
TKIP  as  they  become  available, 
Funk  says.  It  could  also  accom¬ 
modate  Advanced  Encryption 
Standard,  which  has  been 
approved  by  the  federal  govern¬ 
ment  as  the  replacement  for  Data 
Encryption  Standard,  and  is 
See  PEAP,  page  14 


Vendors  scramble  to  manage  mixed  storage  nets 


■  BY  DENI  CONNOR 

A  string  of  recent  news  announcements 
from  major  storage  vendors  highlights  the 
industry’s  ongoing  rush  to  consolidate  and 
automate  the  management  of  heteroge¬ 
neous  storage  devices. 

Just  last  week: 

•  EMC  launched  a  storage  resource  man¬ 
agement  product  called  Enterprise  Control- 
Center  Automated  Resource  Manager 
(ARM)  and  a  multivendor  storage-area  net¬ 
work  package  called  SAN  Manager. 

•  Veritas  Software  announced  the  next  ver¬ 
sion  of  its  SANpoint  Control  Version  3.5  soft¬ 
ware,  which  adds  support  for  direct-attached 
storage  and  tape,  and  rules-creation,  provi¬ 
sioning  and  reporting  capabilities. 

•  Hewlett-Packard  rolled  out  the  next  ver¬ 
sion  of  its  Enterprise  Network  Storage 
Architecture,  called  ENSAextended,  and  a 
new  version  of  its  Open  View  Storage  Area 
Manager  (SAM)  software.  SAM  will  now 
manage  EMC  Symmetrix,  IBM  Enterprise 
Storage  Server,  and  Hitachi  Lightning  and 
Thunder  arrays. 

•  Computer  Associates  this  week  will  an¬ 


nounce  the  next  step  in  its  Enterprise 
Storage  Automation  strategy  —  the  Bright- 
Stor  Fbrtal  —  that  groups  its  storage  software 
together  under  one  Web  interface. 

“Storage  is  still  one  of  the  last  bastions  of 
manual  labor(  says  Steve  Duplessie,  senior 
analyst  for  Enterprise  Storage  Group.  “Auto¬ 
mating  manual  tasks  is  a  great  idea  for  all  the 
obvious  reasons  —  it  gives  a  consistent  way 
to  do  things  and  by  eliminating  boring,  error- 
prone  manual  tasks,  frees  up  IT  staff  to  do 
smarter  things.” 

The  storage  management  market  is  hot, 
with  Gartner  analysts  pegging  it  this  year  at 
$8.5  billion  and  increasing  to  more  than  $16 
billion  by  2005.The  move  toward  automating 
storage  management  features  that  are  now 
mostly  manual  promises  to  save  network 
managers  time  while  increasing  efficiency 
and  accuracy. 

Steve  Freund,  group  vice  president  for  in¬ 
surance  company  CNA  in  Chicago,  has  test¬ 
ed  EMC’s  ARM  with  his  network  storage. 

“When  we  put  in  our  SAN,  we  knew  we 
would  encounter  productivity  issues  and 
would  need  these  EMC  tools  available  to  us 
See  Automate,  page  14 


Automating  storage  management 

In  this  example,  a  company  has  created  a  rule  that  enforces  a  service- 
level  agreement  for  a  database  application. 


o 


The  automated  resource  ©  If  volume  on  Disk  0  As  the  database  0 


management  application 
runs  on  the  server  and 
monitors  data  growth  on  the 
SAN.  An  administrator  sets 
a  rule  to  continuously 
monitor  the  storage  and 
keep  volume  on  any  disk 
below  80%. 


A  exceeds  80%, 
the  policy  engine 
automatically 
moves  data  onto 
Drive  C. 


continues  to  grow  and 
the  volume  of  Drive  B 
increases,  data  will 
be  automatically 
moved  to  Drive  D. 


Another  rule  says  when 
any  of  the  data  for  an 
account  has  not  been 
accessed  in  two  years,  a 
hierarchical  storage 
management  application 
will  move  it  automatically 
to  a  tape  library. 


www.nwfusion.com 
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Microsoft  patches  four  more  flaws 

■  Microsoft  last  week  continued  its  string  of  weekly  security  flaws  this  time  reporting 
two  in  Java  and  two  in  its  Terminal  Server  software.The  Java  flaws  are  in  Microsoft's  Java 
Virtual  Machine  up  to  Version  5.0.3805.  The  JVM  is  most  often  found  in  Microsoft’s 
Internet  Explorer. The  flaws  allow  a  hacker  to  obtain  complete  control  over  a  users  sys¬ 
tem  by  exploiting  features  for  connecting  to  a  database  or  for  using  XML  in  a  Java  appli¬ 
cation.  Microsoft  labeled  the  flaws  critical  and  encouraged  users  to  patch  their  systems. 
The  Terminal  Server  flaws,  deemed  moderate  by  Microsoft,  affect  Windows  2000  and  XP 
and  lie  in  the  Remote  Data  Protocol. The  flaws  allow  attackers  to  potentially  steal  trans¬ 
mitted  data  or  crash  the  operating  system. To  exploit  the  flaws,  hackers  need  to  gain  a 
level  of  control  over  a  users  actions  or  presence  on  the  network.  Microsoft  made 
patches  available  for  both  vulnerabilities  last  week  at  www.microsoft.com/technet. 


■  Thi  GoodThe  Bad  The  Ugly 


Slapper  worm  targets  Apache  servers 

■  The  so-called  Slapper  computer  worm  —  subject  of 
a  CERT  security  advisory  last  week  —  continued  its 
spread  across  the  Internet  by  exploiting  vulnerabilities 
in  Linux  Apache  Web  servers  that  have  not  been 
patched  for  flaws  in  the  OpenSSL  protocol  described 
July  30  by  the  Open  SSL  Group.  Once  Slapper  worms  its 
way  into  a  vulnerable  Linux  Apache  Web  server,  it 
forces  the  server  to  join  a  peer-to-peer  network.  Hackers 
can  use  the  Slapper  peer-to-peer  network  to  deliver 
files.  According  to  some  estimates,  Slapper,  thought  to 
be  the  first  peer-to-peer  worm,  has  infected  at  least 
30,000  Linux  Apache  Web  servers. 


Cisco  ditches  Dell  as  reseller 

■  Cisco  will  drop  Dell  as  a  reseller  of  its  network  products  effective  Sept. 
27.  Dell  has  sold  Cisco  equipment  through  its  direct  online  sales  channel 
for  several  years.  It  offers  all  Cisco  products  for  large  companies  and 
some  for  small  and  midsize  businesses.  The  move  might  reflect  Cisco’s 
new  perception  of  Dell  as  a  competitor.  Cisco  included  Dell  along  with 
traditional  rivals  such  as  Nortel  and  Juniper  Networks  on  a  list  of  com¬ 
petitors  in  a  regulatory  filing  with  the  Securities  and  Exchange 
Commission  dated  July  27.  Dell  sells  a  growing  lineup  of  its  own  network 
switches  under  the  FbwerConnect  line.  Dell  referred  questions  about  the 
reason  for  the  change  to  Cisco. 


Longtime  Microsoft  veteran  leaving 

■  Charles  Simonyi,  one  of  the  original  employees  at  Microsoft  whose 
development  efforts  led  to  the  creation  of  Microsoft  Word,  is  leaving  the 
company  after  21  years  to  found  a  start-up  that  will  develop  new-era 
programming  tools.  Simonyi,  who  helped  set  Microsoft’s  early  technical  strategy,  was 
one  of  four  senior  executives  who  led  the  company’s  management  team  during  the 
1980s  and  is  the  first  to  leave  Microsoft.  The  others  are  chief  software  architect  Bill 
Gates,  CEO  Steve  Ballmer  and  Jeff  Raikes,  group  vice  president  for  productivity  and 
business  services.  Simonyi  is  founding  Intentional  Software  in  Bellevue,  Wash.,  with 
the  aim  of  building  tools  that  make  programming  easier  using  a  combination  of  text, 
graphic  images  and  charts. 


Taking  aim  at  spam.  MSN  Hotmail  users  might 
see  a  decrease  in  spam  clogging  up  their  in-boxes  in  coming 
weeks,  thanks  in  part  to  a  deal  struck  between 
Microsoft  and  Brightmail.  Microsoft  said  it 
will  deploy  Brightmail's  Solution  Suite  to  filter 
spam  at  the  Simple  Mail  Transfer  Protocol 
gateway,  before  it's  delivered  to  in-boxes  for 
Microsoft’s  110  million  Hotmail  users  worlds 

Cache  crash.  Caching  company 
InfoLibria  has  laid  off  all  of  its  staff  and 
closed  its  doors,  sources  say.  Calls  to  the 
company,  the  latest  caching  firm  to 
succumb  to  a  worsening  market,  went 
unreturned.  Companies  such  as  Inktomi 
and  CacheFlow  (now  Blue  Coat  Systems) 
either  have  scaled  back  or  shed  their  caching 
businesses  this  year  to  focus  on  potentially 
more  lucrative  markets. 

Will  these  pants  cell?  An  ugly  little 

debate  has  emerged  over  new  pants  from  Levi  Strauss 
that  come  with  "anti-radiation"  pockets  for  cell  phones 
While  Levi  Strauss  says  it  is  simply  responding  to 
customer  demand  with  the  new  Dockers  Icon 
S-Rt  pants  it  hopes  to  start  selling  in  Europe 
next  year,  critics  say  the  company  essentially 
is  trying  to  scare  the  pants  onto  people.  > 


IDT  nabs  telecom  bargain 

■  IDT  Telecom  announced  last  week  that  it  has  acquired  network  assets  that  span  13 
cities  from  bankrupt  Star  Telecommunications.  The  U.S.  Bankruptcy  Court  in 
Wilmington,  Del.,  selected  IDT’s  bid  and  approved  the  purchase  last  week.  While  IDT, 
which  offers  voice  and  data  services  to  residential  and  business  users,  would  not  spec¬ 
ify  how  much  the  network  cost,  it  did  say  it  is  spending  less  than  a  penny  on  the  dollar 
of  the  original  purchase  price  of  $68  million.  IDT  says  the  purchase  doubles  the  size  of 
its  domestic  network. 


Palm's  new  ‘scentsability' 

■  Palm’s  hardware  division  just  moved  into  spanking  new  headquarters  in  Milpitas, 
Calif.,  and  right  away  The  Wall  Street  Journal  has  caught  wind  of  something  that  smells 
funny  —  literally  A  stench,  described  as  “putrid,"  has  been  wafting  over  and  through  the 
new  building.The  cause  is  a  dried-up  850-acre  salt  pond  not  far  away. The  pond  is  owned 
by  Cargill  Salt,  which  has  promised  to  fix  a  broken  water  pump  that  caused  the  pond  to 
dry  up.  It  left  a  quantity  of  brine, shrimp,  algae  and  other  formerly  living  stuff  to  bake  in 
the  late  summer  sun. 


Charismac  Engineering  is  taking  orders  for  Hubzilla,  a  four- 
port  Firewire  hub  embedded  in  a  Godzilla  model.  The  ports  take 
the  place  of  some  of  the  scales  on  his  back,  and  his  eyes  flash 
to  let  you  know  about  network  activity. 


You  'll  get  plenty  of  stuff  you  have  to  see  —  every  day,  even 
—  in  Compendium,  www.nwfusion.com,  DocFinder:  2332. 
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@  business  is  the  game.  Play  to  win: 


bands,  software  that  effectively  manages  an  e-business  is  essential.  But 
software  that  corrects  problems  before  they  occur?  That’s  extraordinary. 


2]  WIN  WITH  TIVOLI:  Unlike  other  solutions  that  tell  you  you’ve  violated 
a  service  level  agreement  after  the  fact,  Tivoli  software  detects 
trends  and  makes  adjustments  before  things  go  awry.  Tivoli.  Part  of  our 
software  portfolio,  including  DB2?  Lotus®  and  WebSphere® 


3]  MAKE  THE  PLAY:  Visit  ibm.com/tivoli/unexpected  and  download 
a  free  buyer’s  guide  on  how  to  meet  your  service  level  agreements. 
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Bush  team  lays  out  cybersecurity  plan 

Recommendations  draw  praise,  but  some  question  whether  they  go  far  enough. 


Oybersecurity  recommendations 

A  draft  of  the  government’s  report  calls  for  more 

involvement  at  the  CEO  and  board  of  directors  levels. 

1.  CEOs  should  consider  forming  security  councils  to  integrate 
cybersecurity,  privacy,  physical  security  and  operational 
considerations. 

2.  Boards  should  consider  forming  committees  on  IT  security  and 
should  ensure  that  the  CEO  regularly  reviews  recommendations 
of  the  chief  information  security  official. 

3.  IT  continuity  plans  should  be  regularly  reviewed  and 
exercised,  and  should  consider  site  and  staff  alternatives. 
Consideration  should  be  given  to  diversity  in  IT  service 
providers. 

4.  Corporations  should  consider  active  involvement  in  industrywide 
programs  to  develop  IT  security  best  practices. 

5.  Companies  should  review  mainframe  security  software  and 
procedures,  and  consider  developing  a  partnership  to  review 
and  update  best  practices. 

SOURCE: THE  NATIONAL  STRATEGY  TO  SECURE  CYBERSPACE 


■  BY  CAROLYN  DUFFY  MARSAN 
AND  ELLEN  MESSMER 

PALO  ALTO  — The  Bush  admin¬ 
istration’s  cybersecurity  plan 
paints  a  chilling  picture  of  the 
threats  facing  U.S.  corporations 
and  offers  a  series  of  recommen¬ 
dations  for  network  executives 
about  how  best  to  combat  the 
threats. 

“The  National  Strategy  To 
Secure  Cyberspace”  was  released 
last  week  at  an  event  at  Stanford 
University  attended  by  600  gov¬ 
ernment  and  industry  officials. 
Among  the  speakers  were 
Richard  Clarke,  chairman  of  the 
president’s  Critical  Information 
Protection  Board;  Robert  Mueller, 
director  of  the  FBI;  Matt  DeZee, 
CIO  for  the  state  of  South 
Carolina;  and  Rhonda  MacLean, 
director  of  corporate  information 
security  at  Bank  of  America. 

The  60-page  strategy  originally 
was  intended  to  be  a  final  report 
that  summed  up  10  months  of 
study  by  the  Critical  Information 
Protection  Board.  But  days  before 
the  plan’s  release,  the  White 
House  changed  its  mind  and 
released  the  strategy  as  a  draft 
document  with  a  60-day  public 
comment  period  before  the  strat- 


■  BY  DENISE  PAPPALARDO 

OVERLAND  PARK,  KAN.  — 
Sprint  is  enhancing  its  managed 
frame  relay  and  ATM  services 
with  monitoring  support  from 
Visual  Networks. 

The  carrier  announced  last 
week  that  customers  of  its 
Managed  Channel  Service  Unit/ 
Data  Service  Unit  service  can 
now  monitor  network  perfor¬ 
mance  more  closely  and  verify 
their  service-level  agreements 
(SLA). 

While  Sprint  has  used  Visual 
Networks'  DSU/CSUs,  the  carrier 
had  not  turned  on  the  WAN  per¬ 
formance  management  features 
for  its  managed  customers  until 
now,  says  Mickey  O’Dell,  director 
of  Sprint  managed  services. 

The  management  software  in- 


egy  is  finalized.  The  National 
Infrastructure  Advisory  Council, 
which  includes  the  CEOs  of  lead¬ 
ing  high-tech  companies  and  gov¬ 
ernment  officials,  will  review  the 
draft  and  comments. 

As  expected,  the  strategy  rec¬ 
ommends  voluntary  efforts  by  in¬ 
dustry  to  beef  up  IT  security 
rather  than  new  government  reg- 


cludes  capacity  planning  and 
diagnostic  tools  so  users  can 
keep  better  track  of  their  net¬ 
work  needs  and  uptime. 
Customers  also  can  more  easily 
monitor  their  SLAs,  including 
network  availability,  packet  loss 
and  throughput.  Sprint  users  can 
access  these  metrics  stored  on 
the  carrier’s  network  using  a  Web 
browser. 

“Performance  monitoring  is 
something  managed  service  cus¬ 
tomers  expect  their  service  pro¬ 
vider  to  offer’’  says  David  Willis, 
senior  research  analyst  at  Meta 
Group.  Sprint  now  is  offering 
more  of  the  enhancements  man¬ 
aged  users  require,  he  says. 

Customers  can  generate  re¬ 
ports  on  their  own  or  Sprint  will 
provide  reports. 

While  Sprint  would  not  offer 


ulations.  According  to  the  strat¬ 
egy  85%  of  the  nation’s  critical  in¬ 
frastructure  facilities  are  privately 
owned  and  operated,  and  that’s 
why  the  strategy  favors  market- 
based  incentives. 

“The  government  cannot  dic¬ 
tate,  the  government  cannot  man¬ 
date,  the  government  cannot  reg¬ 
ulate  cybersecurityf  Clarke  said  at 


specific  pricing,  O’Dell  says  that 
managed  service  customers 
could  expect  to  pay  30%  to  40% 
more  on  top  of  their  monthly 
management  fees.  There  also  is 
an  installation  fee,  which  Sprint 
would  not  reveal. 

Willis  says  users  should  negoti¬ 
ate  lower-than-list-price  fees  for 
this  add-on  feature. “Sprint  has 
been  very  flexible  on  pricing  . . . 
so  users  shouldn’t  put  too  much 
stock  in  list  prices  when  negoti¬ 
ating  new  contract  terms  as  they 
upgrade  services,”  he  says. 

The  management  enhance¬ 
ment  is  available  now. 

The  company  is  planning  a 
series  of  additional  service  en¬ 
hancements  for  its  managed  cus¬ 
tomers  that  it  will  announce  over 
the  next  few  months. 

Sprint:  www.sprint.com 


the  strategy’s  unveiling.  "The  gov¬ 
ernment  alone  cannot  make 
cyberspace  secure.” 

Met  with  criticism 

The  plan  was  met  with  criti¬ 
cism  because  administration 
officials  removed  tougher  lan¬ 
guage  from  earlier  drafts  that 
placed  more  responsibility  for 
Internet  security  on  ISPs  and 
software  vendors.  And  some 
security  experts  predicted  that 
the  strategy  would  end  up  gath¬ 
ering  dust  because  it  relies  on 
recommendations  rather  than 
mandating  action  by  industry. 

However,  many  network  ven¬ 
dors  commended  the  strategy 
and  vowed  to  contribute  com¬ 
ments  in  the  weeks  ahead. 

“We’ve  stepped  up  the  coopera¬ 
tion  between  industry  and  gov¬ 
ernment,”  says  Douglas  Sabo, 
director  of  government  relations 
at  Network  Associates.This  is  the 
real  beginning  of  the  dialogue.” 

The  strategy’s  idea  of  a  network 
operations  center  supported  by 
industry  for  information  sharing 
on  security  threats  is  “intriguing,” 
says  Symantec’s  CTO  Rob  Clyde, 
but  he  wasn’t  clear  how  this 
would  be  accomplished. 

Citing  damage  caused  by  the 
Nimda  and  Code  Red  viruses, the 
strategy  outlines  the  growing 
sophistication  and  destructive¬ 
ness  of  cyberattacks.  The  strategy 
says  the  number  of  attacks  re¬ 
ported  by  Carnegie  Mellon  Uni¬ 
versity’s  CERT  Coordination  Cen¬ 
ter  grew  nearly  30-fold  in  the  last 
four  years.  CERT  reported  3,700 
attacks  in  1998  and  at  current 
rates  will  report  more  than 
1 10,000  in  2002,  the  plan  says. 

Meanwhile,  computer  systems 
and  networks  are  becoming 
more  vulnerable  to  cyberattacks 
because  of  problems  with  soft¬ 
ware  and  hardware  that  permit 
unauthorized  entry  or  damage  to 
a  network.  The  number  of  com¬ 
puter  security  vulnerabilities  that 
CERT  identified  more  than  dou¬ 
bled  last  year  from  1 ,090  in  2000 
to  2,437  in  2001. 

The  strategy  recommends  com¬ 
panies  take  proactive  steps  to 
improve  the  security  of  their  com¬ 
puter  systems  and  networks 
rather  than  wait  to  respond  to  par¬ 
ticular  threats.  Among  the  recom¬ 
mendations  are  regular  security 
audits,  virus  updates  and  software 
patches. 


“The  worst  case  [of  a  cyber¬ 
attack]  has  not  happened  yet,” 
Clarke  said.  “It’s  up  to  all  of  us  in 
partnership  to  make  sure  that  the 
worst  case  doesn’t  happen.” 

The  strategy  highlights  certain 
kinds  of  systems  that  are  most  vul¬ 
nerable  to  attack.  These  include 
the  digital  control  systems  (DCS) 
and  supervisory  control  and  data 
acquisition  (SCADA)  systems  that 
the  energy,  chemical  and  other 
manufacturing  industries  use.The 
report  recommends  that  compa¬ 
nies  examine  Internet  connec¬ 
tions  to  DCS  and  SCADA  systems 
and  implement  secure  authenti¬ 
cation  within  24  months. 

Similarly,  the  strategy  identifies 
new  risks  and  vulnerabilities  for 
mainframes  that  are  connected 
to  the  Internet.  The  strategy  rec¬ 
ommends  increasing  the  fre¬ 
quency  and  rigor  of  audits  and 
improving  security  policies  for 
mainframes. 

Another  area  of  risk  is  instant¬ 
messaging  programs,  which  often 
bypass  firewalls  and  antivirus 
scanners.  The  strategy  recom¬ 
mends  that  companies  adjust 
their  computer  security  policies 
to  address  the  risks  presented  by 
these  programs. 

The  cybersecurity  strategy  will 
encourage  companies  to  move 
“to  stronger  authentication  like 
[public-key  infrastructure]  and 
smart  cards,”  predicts  Barry  Lef- 
few,  vice  president  of  public  sec¬ 
tor  at  VeriSign.“Password  authenti¬ 
cation  is  not  enough  to  control 
who  has  access  to  information.” 

Leffew  says  the  strategy  also  en¬ 
courages  companies  to  monitor 
their  networks  more  actively  for 
hacker  attacks  and  create  plans 
for  responding  to  those  attacks. 
“Companies  need  to  have  proac¬ 
tive  security  assessments  to  iden¬ 
tify  vulnerabilities,”  he  says. 

"We’ll  see  an  increased  use  of 
managed  security  services  for 
firewalls  and  network  intrusion 
detection,”  he  adds. 

The  National  Strategy  to  Secure 
Cyberspace  can  be  viewed  at 
www.securecyberspace.gov.  Com¬ 
ments  are  due  Nov.  18.  ■ 


■  Columnist  Mark  Gibbs 
wants  the  government  to 
stay  out  of  the  cyberse¬ 
curity  business.  PAGE  98. 


Sprint  offering  enhanced 
mgmt  for  data  customers 


Lotus,  software 


- 

Ufa*  4  ■ ,  ' 


INSTANT 

MESSAGING 

PLAY 


1  ]  WIN  WITH  SPEED:  No  question  about  it.  Whether  it’s  on  a  PDA 
or  a  PC,  the  faster  your  workforce  can  exchange  ideas,  the  faster 
they  can  act  on  them. 


2]  WIN  WITH  LOTUS:  As  the  leader  in  business  instant  messaging, 
Lotus  Sametime*  helps  you  locate  and  communicate  with 
the  people  you  need,  instantly  and  securely.  Lotus.  Part  of  our 
software  portfolio,  including  DB2r  Tivoli"  and  WebSphere* 


3]  MAKE  THE  PLAY:  Visit  ibm.com/lotus/team  for  a  Webcast 
on  instant  messaging  and  its  effects  on  speed  of  collaboration. 
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Vendors  offer  gear  to  harden  VoIP 

Foundry,  Mitel  form  partnership  to  help  balance  IP  telephony  traffic  loads. 


■  BY  PHIL  HOCHMUTH 

Several  vendors  last  week  took 
aim  at  perceived  security  and  reli¬ 
ability  issues  involved  with  run¬ 
ning  voice  over  IP 

Foundry  Networks  and  Mitel 
say  they  will  jointly  sell  a  pack¬ 
age  that  includes  Mitel  IP  PBXs 
and  Foundry  switches  that  can 
be  used  to  balance  IP  telephony 
traffic  loads  and  protect  the 
PBXs  from  hackers.  Separately 
VoIP  firewall  vendor  Jasomi 
Networks  introduced  a  box 
designed  to  ensure  that  IP 
phones  work  even  in  the  pres¬ 
ence  of  firewalls  that  use  net¬ 
work  address  translation  (NAT). 

Mitel  and  Foundry  will  offer  a 
cluster  of  up  to  32  Mitel  3300  In¬ 
tegrated  Communications  Plat¬ 
form  (ICP)  IP  PBXs  in  conjunc¬ 
tion  with  two  Foundry  Serverlron 
Layer  4  to  Layer  7  switches.  This 
will  give  customers  redundancy 
and  failover  for  their  IP  PBXs,  en¬ 


suring  that  internal  IP  calls  and 
IP-to-public-switched-telephone- 
network  calls  go  through. 

Foundry’s  Serverlron  boxes  also 
include  software  that  can  identify 
denial-of-service  attacks  aimed  at 
shutting  down  an  IP  PBX.  The 
switch  also  can  be  configured 
not  to  accept  fragmented  packets 
or  incomplete  TCP/IP  handshake 
signals,  which  can  be  signs  of  a 
malicious  user  attempting  to 
flood  a  server  with  packets. 

“Certainly,  denial-of-service  at¬ 
tacks  are  a  legit  threat  if  you  have 
an  IP  PBX  sitting  on  your  net¬ 
work,”  says  Mike  Hommer,  lab 
manager  with  Miercom,  an  IP 
voice  and  data  equipment  test¬ 
ing  and  consulting  firm. “With  IP 
telephony,  you’re  just  as  subject 
to  anything  that  makes  an  IP 
server  vulnerable,  including 
[DoS  attacks] .” 

Foundry  and  Mitel  gear  is  in¬ 
stalled  at  the  Greater  London 
Authority  (GLA),  the  governing 


body  of  London.  More  than  700 
users  are  connected  to  a  cluster 
of  three  3300  ICPs  over  a  network 
of  Foundry  Fastlron  and  Biglron 
Layer  2  and  Layer  3  switches. 
Load  balancing  that  IP  PBX  clus¬ 
ter  with  a  Web  switch  is  some¬ 
thing  the  GLA  might  look  into, 
says  Keith  Beddard,  network 
architect  for  the  GLA. 

Beddard  says  he  has  researched 
the  Fastlron  switch  and  has  con¬ 
sidered  using  it  as  a  load-balanc¬ 
ing  device  for  the  GLAs  Web 
servers.  He  says  he  has  not  mixed 
load-balancing  technology  with 
IP  telephony  before. 

“For  sites  with  large  amounts  of 
IP  telephony  traffic,  using  a 
Serverlron  to  load  balance  [IP 
PBXs]  would  be  ideal,”  he  says. 

The  Foundry/Mitel  product 
bundle  will  be  available  in  the 
fourth  quarter.  Pricing  has  not 
been  set.  But  separately  the  Mitel 
3300  ICP  costs  about  $700  per 
user,  and  Foundry’s  Serverlron 


starts  at  about  $10,000. 

Getting  around  NAT 

Jasomi’s  PeerPoint  Centrex 
product  is  for  use  with  IP  phones 
and  gateways  that  work  with 
Session  Initiation  Protocol  (SIP). 
The  box  has  been  designed  to 
solve  problems  created  when  SIP 
phone  users  are  located  behind  a 
firewall  that  uses  NAT, which  trans¬ 
lates  IP  traffic  from  a  private  IP 
address  scheme  to  a  public  one 
for  transport  over  the  Internet. 

Jasomi  says  the  NAT  process 
can  corrupt  SIP-based  calls 
given  that  SIP  cannot  handle  the 
swapping  of  IP  addresses. 
Outgoing  SIP  traffic  never  reach¬ 
es  its  destination  because  of  the 
address  change,  the  company 
says,  and  incoming  SIP  call  traf¬ 
fic  can  be  denied  by  the  NAT 
firewall  in  the  process. 

PeerPoint  Centrex,  which  can 
support  up  to  1,000  concurrent 
SIP  sessions,  can  be  deployed  in 


front  of  an  IP  PBX.The  Jasomi  de¬ 
vice  can  identify  incoming  SIP 
traffic  that  would  normally  get 
bounced  by  the  corporate  fire¬ 
wall  and  deliver  it  to  the  VoIP 
equipment  sitting  behind  the 
PeerPoint  Centrex  box. 

For  outgoing  SIP  traffic,  the  Peer- 
Point  Centrex  device  can  learn 
the  translation  schemes  of  the 
NAT  firewalls  it  is  communicating 
with  on  the  user  end,  and  format 
the  SIP  traffic  so  that  it  can  be 
accepted  by  the  outside  caller. 
Jasomi  says  this  feature  does  not 
require  extra  hardware  or  soft¬ 
ware  on  the  user’s  end. 

PeerPoint  Centrex  will  be  avail¬ 
able  next  month  starting  at 
$16,000.  ■ 
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N+l  Atlanta,  several  Comdex  shows  biting  the  dust 


NetWorld+Interop  in  Atlanta  was  once  a  busy  show  full  of  exhibitors,  novelty  acts  and  tchotchkes,  as  seen  in  these 
1999  photographs.  But  Key3Media  is  closing  down  the  show  in  light  of  the  industry  slowdown. 


■  BY  PHIL  HOCHMUTH 

ATLANTA  —  Key3Media  Group 
is  scrapping  the  NetWorld+Interop 
conference  in  Atlanta  next  year  as 
part  of  a  broader  pullback  in  its 
North  American  IT  trade  show 
lineup.  The  company  says  finan¬ 
cial  troubles  on  the  part  of 
exhibitors  is  to  blame. 

Along  with  N+I  Atlanta,  Comdex 
in  Chicago,  Vancouver  and  Mon¬ 
treal,  and  Seybold  Seminars  in 
New  York  also  will  be  canceled 
next  year. 

The  demise  of  these  long-time 
Key3Media  events  reflects  travel 
cutbacks  among  businesses  and 
the  reallocation  of  marketing 
dollars  by  technology  vendors 
away  from  trade  shows, 
observers  say.  Key3Media  has 
seen  vendor  and  show  attendee 
numbers  decrease  at  many  of  its 
technology  events,  including  its 
flagship  N+l  conference  held  in 
Las  Vegas  in  May. 

“In  the  market  we’re  living  in,  all  of  our 
clients  are  going  though  huge  economic 
issues,” says  Fred  Rosen, chairman  and  CEO 
of  Key3Media.  “They’ve  only  got  so  much 
money"  and  less  of  it  is  being  spent  on 
trade  shows. 

“We’ve  seen  these  shows  decline ...  in  the 


amount  of  square  footage  and  in  the 
amount  of  marketing  we  sell,”  Rosen  says  of 
those  shows  that  were  canceled. 

In  the  case  of  the  biannual  N+l,  Rosen 
adds,“Our  clients  are  telling  us  that  they 
don’t  want  to  support  two  shows  every 
year.” 

Although  Key3Media  says  it  has  not  tal¬ 


lied  final  attendance  numbers  for  N+I 
Atlanta,  which  ran  Sept.  9  to  12,  the  com¬ 
pany  says  it  expects  attendance  at  the 
show  to  be  off  about  40%  from  the  2000 
peak  attendance  of  50,000. 

“The  quality  of  the  [N+I  Atlanta]  hadn’t 
changed  at  all  in  recent  years,"  says  Craig 
Mathias, a  principal  at  network  consulting 


firm  FarPoint  Group,  who  has 
attended  and  led  sessions  at  N+l 
Atlanta  for  the  past  five  years.  He 
says  the  dwindling  numbers  in 
Atlanta  this  year  were  a  real 
warning  sign.  “There  were  not  as 
many  sessions,  and  the  show 
wasn’t  as  big  as  in  years  past,  but 
the  level  of  discussion  at  the 
show  has  always  been  very  high.” 

With  Las  Vegas  now  the  only 
N+l  show  in  the  U.S.,  Mathias  says 
network  professionals  on  the 
East  Coast  will  lose  out  as  travel 
budgets  shrink. 

“It’s  unfortunate  in  that  some 
people  will  have  less  access  to 
the  kind  of  information  you  can 
get  only  at  a  conference  like 
[N+l],”  he  says.  “In  cyberspace, 
you  can’t  strike  up  a  conversa¬ 
tion  with  someone  sitting  next  to 
you  that  leads  to  new  friendship. 
It’s  all  about  human  interaction.” 

Key3Media’s  major  North 
American  trade  shows  for  2003 
will  include  Comdex  Fall  Las  Vegas  and 
Comdex  Canada,  N+l  in  Toronto  and  Las 
Vegas,  and  Seybold  Seminars  in  San 
Francisco. 

The  company  says  it  also  will  keep  its 
smaller  shows,  such  as  BioSecurity,  Voice 
on  the  Net,  Opticon,  Next  Generation  Net¬ 
works  and  Java  One.  ■ 
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Wireless  IAN  security  glossary 


802.1 X 


802.11 i 


LEAP 


PEAP 


TKIP 


TTLS 


WEP 


IEEE  802.11  standard  for  authentication,  which  supports 
multiple  authentication  modes,  including  RADIUS,  that 
can  be  used  in  wireless  and  wireline  networks. 

IEEE  standards  group  effort  that  involves  “fixing" 
perceived  weakness  in  802.1X  and  WEP  (see  below). 

Lightweight  Extensible  Authentication  Protocol,  which 
includes  Cisco’s  proprietary  extensions  to  802.1X  to 
share  authentication  data  between  Cisco  Aironet 
wireless  LAN  access  points  and  the  Cisco  Secure 
Access  Control  Server. 

Protected  Extensible  Authentication  Protocol,  which 
was  developed  by  Microsoft,  Cisco  and  RSA  Security, 
is  now  an  IETF  draft  standard.  PEAP  encrypts 
authentication  data  using  a  tunneling  method. 

Temporal  Key  Integrity  Protocol,  which  was  developed 
by  the  IEEE  802.1 1  i  standards  committee  as  a  WEP 
improvement. 

TunneledTransport  Layer  Security,  which  was  developed 
by  Funk  Software  and  Certicom,  now  is  an  IETF 
draft  standard.  It  is  an  alternative  to  PEAP. 

Wired  Equivalent  Privacy,  a  wireless  encryption 
standard,  which  was  developed  by  the  IEEE  802.11 
standards  committee. 


PEAP 

continued  from  page  7 

viewed  as  suitable  for  use  with 
wireless  LANs.  Funk  says  PEAP 
doesn't  have  this  flexibility. 

But  with  PEAP  Cisco  gets  what 
observers  say  is  a  better  protocol 
than  LEAP  And  Cisco  can  count 
on  Microsoft  and  others  to  get 
PEAP  client  code  into  laptops, 
handhelds  and  phones. 

“Microsoft  is  organizing  to  be 
a  serious  player  in  wireless  LAN 
access  services  with  PEAR”says 
Jeff  Recor,  consultant  at  the 
Olympus  Security  Group,  which 
partners  with  Cisco  on  security 
in  wireless  LANs.  “Logically, 
Microsoft  has  the  client  and 
Cisco  has  the  back  end.” 

Microsoft  has  acknowledged 
that  it  intends  to  include  PEAP  as 
part  of  the  Internet  Authentica¬ 
tion  Service  in  the  Windows.Net 
Server  by  year-end.  And  Microsoft 
plans  to  add  PEAP  to  Windows 
2000  for  servers  and  desktops. 

Recor  says  he  can  imagine 
PEAP  going  into  Microsoft  Active 
Directory  too.  As  a  Cisco  technical 
partner,  he  says  he  fully  expects 
Cisco  will  add  PEAP  to  the  Cisco 
authentication  server  and  its  wire¬ 
less  access  point  but  not  phase 
out  LEAP  right  away 


Corporations  deploying  wireless 
LANs  are  trying  to  get  a  handle  on 
PEAP  which  Cisco  and  Microsoft 
started  discussing  earlier  this  year. 

One  drawback  is  that  Windows 
XP  is  currently  the  only  operating 
system  that  supports  PEAR  says 
Thomas  Gaylord,  vice  president 
of  IS  at  the  University  of  Akron  in 
Ohio,  a  Cisco  wireless  customer. 

The  university  uses  the  Cisco 
Secure  Access  Control  Server,  a 
FLAD1US  server  and  VPN  software 
running  on  each  wireless  client. 

Some  IT  managers  say  they  find 
little  reason  to  rush  into  PEARand 
want  to  see  it  be  further  accepted 
in  the  standards  process.“It’s  just  a 
proposed  standard,”  says  Van 
Nguyen,  director  of  global  IT  secu¬ 
rity  at  global  shipping  firm  APL, 
which  is  organizing  its  wireless 
LAN  security  strategy  for  deploy¬ 
ing  wireless  LANs  in  APL’s  ware¬ 
houses.  At  this  point,  Nguyen  is 
leaning  away  from  802.  IX  and 
toward  a  roamableVPN  based  on 
the  ReefEdge  appliance  that  pro¬ 
vides  VPN,  firewall  and  authenti¬ 
cation  on  wireless  LANs. 

Many  Cisco  customers  say  they 
haven’t  heard  much  about  PEAR 
but  they  hope  it  will  bring  some 
ability  to  break  loose  of  Cisco’s 
proprietary  authentication  proto¬ 
col,  LEAP 


“Use  of  LEAP  has  locked  us  into 
using  only  network  interface 
cards  made  by  Cisco,”  says  Mark 
Wiesenberg,  director  of  strategic 
architectures  at  Sharp  Health- 


Care,  a  network  of  hospitals  and 
clinics  in  San  Diego.  “This  has 
seriously  hampered  our  ability  to 
move  to  new  devices  with  built- 
in  cards  that  don’t  have  the  abili¬ 


ty  to  speak  LEAPThis  is  particu¬ 
larly  troublesome  with  hand¬ 
helds  and  tablet  devices." 

With  heavyweights  Microsoft 
and  Cisco  backing  PEAR  wireless 
LAN  security  vendors  that  have 
implemented  TTLS  are  wonder¬ 
ing  what  to  do  next. 

“We’re  going  to  have  to  support 
both  TTLS  and  PEAP,”  says  Paul 
Goransson,  president  of  Meeting¬ 
house  Communications,  which 
competes  with  Funk  in  providing 
wireless  LAN  authentication 
servers  and  client  software. 

IBM,  which  resells  Cisco’s  wire 
less  LAN  products,  would  prefer 
to  support  industry  standards, 
whether  PEAP  or  any  other.“LEAP 
was  the  only  thing  available  when 
Cisco’s  wireless  LANs  came  out 
with  a  preindustry  version  of 
802.  IX,” says  Howard  Dulany,  mar¬ 
ket  segment  manager  for  wireless 
products  in  IBM’s  personal  com¬ 
puter  group. 

It’s  important  to  straighten  out 
the  security  issues  related  to 
wireless  LANs  because  “the  No.  1 
inhibitor  of  wireless  LAN  de¬ 
ployment  is  security”  Dulany 
says.  ■ 
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Automate 

continued  from  page  7 

to  help  improve  the  productiv¬ 
ity  of  our  storage  administra¬ 
tors,”  Freund  says. 

The  insurance  company’s 
SAN  contains  EMC  Symmetrix 
arrays,  1,500  Fibre  Channel 
ports  and  60  terabytes  of  data. 

“These  tools  help  us  to  be 
more  responsive  in  provision¬ 
ing  storage  to  meet  ap¬ 
plication  requirements,” 
Freund  says. 


can  take  as  many  as  42  steps  to  add  addi¬ 
tional  space  to  a  high-end  storage  array, 
observers  say 

James  Barry,  CIO  for  the  Boston  Bank 
of  Commerce,  uses  the  BrightStor  Portal 
and  will  look  at  CAs  storage  automation 
products. 

“Our  business  plan  is  focused  on 
growth  through  acquisition,  so  I  have  an 
ever-growing  complexity  in  my  [storage] 
environment,”  Barry  says.Hn  bringing  that 
new  data  in,  having  the  ability  to  dynam¬ 
ically  allocate  or  manage  storage  saves 
me  plenty  of  time.” 

“Our  storage  consists  of  a  ton  of  data 
in  different  places  being  managed  by 
different  [storage  tools],"  Barry  says, 
adding  that  he  has  about  250G  bytes  of 
direct-attached  Dell  storage  in  multiple 


Automated  rules-based  provisioning 


This  table  shows  a  sampling  of  companies  that  have  or  have  promised  some  level  of  automated, 
rules-based  storage  provisioning  for  other  vendors’  storage  arrays. 


HPxp  Series 

HP  Storage- 
Works 

EMC 

Symmetrix 

EMC 

Clariion 

IBM 

Enterprise 
Storage  Server 

Hitachi 

Lightning 

9900 

Sun  T3 

BMC 

Q2  2003 

Q2  2003 

12/02 

Q2  2003 

2003 

12/02 

2003 

CA 

Before  3/03 

Uncertain 

Before  3/03 

Before  3/03 

Before  3/03 

Before  12/02 

Uncertain 

EMC 

Now 

HP 

11/02 

11/02 

11/02 

12/02 

11/02 

11/02 

No  plans 

Sun 

Now 

)le  task.  It 

locations. 

There  is  so  much  interest  in  reducing 

neer  to 

“With  the  BrightStor  portal  we  are  able  to 
view  all  our  data  and  the  large  variety  of 
storage  software  we  use  from  a  single  inter¬ 
face,”  he  says. 

Barry  says  that  with  automation  tools 
he  would  be  able  to  create  rules  that 
would  dynamically  archive  his  storage 
to  DVD. 

The  automated  provisioning  of  storage 
is  just  gathering  steam,  largely  because  of 
the  difficulty  vendors  are  having  retro¬ 
fitting  existing  software  or  writing  new 
software  to  address  the  need. 

Although  the  storage  automation,  mar¬ 
ket  is  still  small  —  only  $50  million  in 
2002  according  to  The  Yankee  Group  — 
as  vendors  start  shipping  products,  it 
will  grow  into  a  $500  million  market  by 
2005. 


manual  storage  tasks  that  a  number  of 
small  companies  are  getting  involved. 

InterSAN,  Creekpath  and  Fujitsu  Softek 
are  shipping  products  that  automate 
the  provisioning  of  storage.  Start-ups 
Invio,  ApplQ  and  StorScape,  while  in 
stealth  mode,  are  doing  automated  pro¬ 
visioning. 

Analyst  Duplessie  says  that  storage 
automation  consists  of  four  elements: 
the  ability  to  discover,  monitor  and 
group  assets;  a  rule-based  engine  to 
enforce  service-level  agreements;  the 
ability  to  take  action  based  on  triggers; 
and  the  capability  to  automatically  pro¬ 
vision  storage. 

“EMC  clearly  has  the  leg  Get  morg  iof#nnatiofl  online 
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management,”  Duplessie  says. 
“BMC  Software,  on  the  other 
hand,  while  having  an  early 
lead  in  application  integra¬ 
tion,  has  fallen  behind  in  pro¬ 
visioning  and  automation.” 

Jamie  Gruener,  a  senior  ana¬ 
lyst  for  The  Yankee  Group,  says 
the  need  for  automation  will 
spur  changes  in  the  way  cus¬ 
tomers  deploy  storage. 

“To  a  certain  extent  these 
vendors  have  to  make  storage 
so  automated  [that]  there  is 
no  need  for  a  [vendor’s]  engi- 
come  in  and  set  up  storage," 


Gruener  says. 

A  number  of  large  storage  companies 
are  promising  more  automated  storage 
software. 

CA  says  it  will  provide  automated  provi¬ 
sioning  of  multivendor  storage  within  the 
next  six  months. 

BMC  will  announce  tools  for  provision¬ 
ing  and  automated  storage  management 
to  its  Application-Centric  Storage  Manage 
ment  initiative,  which  associates  specific 
applications  with  physical  and  logical  stor¬ 
age  assets. 

HP  says  its  storage  software  division  will 
within  two  months  introduce  OpenView 
Storage  Provisioned  its  automated  storage 
allocation  software,  and 
management  support  for 
EMC  Clariion  arrays.  ■ 
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Amdocs  upgrades  Clarify  suite 

CRM  upgrade  adds  integration,  process  management  tools. 
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fc  (Clients  want  to  pick  and  choose 
where  it  makes  sense  to  switch 
to  thin  clients  and  don’t  want  to 
do  heavy  implementation  where 
it’s  not  required.  9  9 

Dror  Pockard 

President,  Amdocs'  Clarify  division 


■  BY  ANN  BEDNARZ 

SAN  JOSE  —  Amdocs, 
owner  of  the  Clarify  software 
line,  this  week  is  announcing 
its  first  upgrade  of  the  once 
pioneering  CRM  suite. 

ClarifyCRM  1 1  will  include 
a  new  integration  gateway, 
process  manager  and  sup¬ 
port  for  thin  clients,  aimed  at 
making  it  easier  for  compa¬ 
nies  to  deploy  Clarify  soft¬ 
ware  and  link  it  to  their  other 
systems,  Amdocs  says. 

Clarify  was  an  early  leader 
in  the  CRM  market,  but  faded 
from  view  during  the  period  it  was  owned 
by  Nortel.  When  Nortel  announced  plans 
to  buy  Clarify  for  $2.1  billion  in  October 
1999,  Clarify  was  No.  2  in  market  share 
behind  Siebel  Systems.  Today  it’s  No.  11, 
according  to  AMR  Research. 

Amdocs,  which  bought  Clarify  for  $200 
million  in  November  2001,  wants  to  regain 
some  of  that  lost  market  share. 

“We  have  our  eye  on  No.  1”  says  Dror 
Fbckard,  Amdocs’ Clarify  division  president. 

Amdocs  also  makes  billing  and  order 
management  software,  primarily  for  tele¬ 
com  companies.  The  company  has 
incorporated  some  of  its  analytic  tools  and 
order  management  features  in  the  new 
Clarify  suite,  Fbckard  says. 

Version  11  features  a  new  architecture 
that  includes  browser-based  access.  Thin- 
client  support  is  not  uncommon  —  CRM 
rival  FbopleSoft  introduced  a  Web-based 
architecture  with  FbopleSoft  8, as  did  Siebel 
Systems  with  Siebel  7. 

Amdocs  stresses  that  Version  11  lets 
browser-based  and  client/server  applica¬ 
tions  coexist.  Companies  can  manage  thin 
and  thick  clients  through  the  same  data¬ 
base,  which  lets  them  stagger  upgrades, 
Fbckard  says.  For  example,  a  company 
might  want  its  salesforce  to  migrate  to  thin 
clients,  while  keeping  its  local  call  center 
employees  on  a  client/server  setup. 

“Clients  want  to  pick  and  choose  where 
it  makes  sense  to  switch  to  thin  clients 
and  don’t  want  to  do  heavy  implementa¬ 
tion  where  it’s  not  required,”  Fbckard  says. 

Cogent  Communications,  a  systems  inte¬ 
gration  division  of  EADS  Telecom,  will  sup¬ 
port  thin  and  thick  clients  internally  and  for 
its  customers.  At  Cogent  customer  U.K. 
Ministry  of  Defence,  high-security  commu¬ 
nications  personnel  will  retain  client/ 
server  applications,  while  15,000  others  get 
the  new  browser-based  applications. 

Also  new  in  ClarifyCRM  11  is  Process 
Manager,  for  defining,  managing  and  auto¬ 
mating  business  processes.  Th is  module  is 
built  on  workflow  capabilities  that  Amdocs 
developed  in  cooperation  with  customer 
British  Telecom. “We  believe  that’s  the  way 
to  approach  development  —  with  a  lead¬ 
ing  customer,”  Fbckard  says. 


Process  management  is  a  fairly  new  idea 
for  a  lot  of  CRM  vendors,  so  Amdocs  is  on 
par  with  its  competition,  says  David 
Hawley  an  analyst  in  The  Yankee  Group’s 
telecom  software  strategies  group. 

“Users  have  struggled  with  the  gaps  be 
tween  sales,  marketing  and  service,” Hawley 
says. “Products  like  Process  Manager  allow 
companies  to  move  out  of  those  stovepipe 
processes.  It’s  not  an  all-encompassing 
solution,  but  it’s  steps  in  the  right  direction.” 

Jean-Noel  Ribeyrol,  director  of  technol¬ 
ogy  systems  at  French  telephone  com¬ 
pany  Spie  Communications,  says  he  envi¬ 
sions  that  Spie  could  use  Process  Manager 


■  BY  JENNIFER  MEARS 

SAN  FRANCISCO  —  Epicentric  next 
week  will  release  updated  portal  software 
to  make  it  easier  for  users  to  personalize 
pages  with  the  content  and  applications 
they  need  to  do  their  jobs. 

With  Foundation  Server  4.1,  which  will  be 
available  Sept.  30,  Epicentric  is  continuing 
its  efforts  to  let  users  manipulate  infor¬ 
mation  and  services  within  the  Java-based 
portal,  while  reducing  the  strain  on  IT. 

Features  include: 

•  Rules-Based  Content  Pfersonalization, 
which  provides  a  point-and-click  wizard 
for  users  to  define  what  content  should  be 
pushed  to  a  portal  depending  on  a  user’s 
role  within  the  organization.This  was  avail¬ 
able  in  earlier  releases,  but  required  devel¬ 
opers  to  set  up  the  business  rules. 

•  My  Pages,  which  lets  users  create  portal 
pages  from  the  ground  up  by  aggregating 
the  services  and  content  they  use  most. 
Analysts  say  Epicentric  stands  out  in  the 
portal  market  because  of  its  ability  to  cen¬ 
trally  manage  multiple  portal  deploy¬ 
ments,  and  with  My  F’ages,  users  can  bring 
the  personalized  pages  with  them  as  they 


to  automate  certain  paper 
processes  and  ensure  that  ser¬ 
vice  employees  follow  proto¬ 
col  when  creating  and  resolv¬ 
ing  support  cases. 

“It  could  be  interesting  for 
us  to  use  this  new  module  if  it 
interacts  well  with  other  Clari¬ 
fy  applications,”  Ribeyrol  says. 

Amdocs  also  focused  its 
upgrade  efforts  on  an  integra¬ 
tion  gateway  for  ClarifyCRM 
that  provides  XML-based  links 
for  exchanging  data  among 
Clarify  software  and  other  sys¬ 
tems.  The  new  Billing  Man¬ 
ager  module  provides  pre¬ 
built  integration  between  ClarifyCRM  and 
Amdocs’  billing  software. 

Amdocs  plans  to  create  a  packaged  inte¬ 
gration  tool  for  linking  Clarify  with  order 
management  software.  A  voice  portal  also 
is  in  the  works,  Fbckard  says. 

Such  advances  resonate  with  customers 
such  as  Cogent. 

“Our  view  internally  is  that  there  is  more 
focus  on  product  development  and 
addressing  customer/user  requirements 
than  there  was  previously  says  Andrew 
Baldwin,  eBusiness  manager  at  Cogent. 
“The  pace  and  quality  of  the  developments 
also  seems  to  be  improving.”* 


move  among  departmental  portals. 

•  Web  Services  Manager,  which  lets 
users  integrate  Web  services  into  a  portal. 

The  updates  bring  Epicentric  up-to- 
speed  with  competitors  such  as  Plumtree, 
IBM  and  BEA  Systems  in  areas  such  as 
portal  personalization,  analysts  say  Other 
features  boost  Epicentric’s  position. 

“They  have  strengths  in  managing  multi¬ 
ple  portals,”  says  Ray  Valdes,  research 
director  at  Gartner. “The  My  Pages  feature 
builds  on  that  strength  and  moves  them 
ahead  a  little  bit.” 

Janet  Beyers,  director  of  business-to- 
employee  services  at  Hewlett-Packard, 
which  uses  Epicentric  for  a  portal  that 
serves  all  of  its  150,000  employees,  says 
she  is  looking  forward  to  enhancing  the 
personalization  features  within  the  portal. 

“Users  say  they  want  the  capability  to 
pick  and  choose  and  aggregate  their 
favorite  activities  .  .  .  but  they  also  want 
content  pushed  to  them,”  she  says. 
“[Updates  to  Foundation  Server] will 
make  that  even  easier  to  do  in  the  future.” 

Version  4.1  costs  $75,000  per  CPU  and 
runs  on  Windows  NT  and  2000,  Solaris,  ; 
Red  Hat  Linux,  HP-UX,  and  AIX.B 


Epicentric  out  to  make 
portals  more  personal 


IP  Telephony. 
Where  to  start? 

With  Avaya  Enterprise  Class 
IP  Solutions  (ECU PS) 
featuring  Multi  Vantage  " 
Software,  start  anywhere 
in  your  network. 


S8700  Media  Server 


At  the  core. 

•  Delivers  up  to  99.999% 
reliability 

•  Scalable  from  20  to 
1  million  users 


G700  Media  Gateway 


At  the  edge. 

•  Survivable  remote  location 

•  Standards-based  distributed 


architecture 
•  Cost-effective  option 


With  a  specific  workgroup. 

•  First  to  seamlessly  extend 
applications  to  cellular 

•  Takes  applications  to  remote 
and  mobile  workers  for 
greater  productivity 


To  begin  assessing  your  network,  contact  us  at 
866-GO- AVAYA.  Or  learn  more  at  avaya.com/yes 
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Sun  details  N1 ,  Linux  desktop  initiatives  at  show 


■  BY  LINDA  LEUNG  SunNetwork  conference  last  week  and 

also  used  the  show  to  detail  plans  to  offer 
SAN  FRANCISCO  —  As  expected,  Sun  Linux-based  desktop  computers, 
formally  unveiled  its  N1  initiative  at  its  Sun  described  N1  as  its  “vision  for  the 


next-generation  data  center’ The  idea  is  to 
enable  corporations  to  pool  servers  (Unix-, 
Linux-  or  Windows-based),  storage  devices 
and  network  gear  and  then  configure  these 


resources  on  the  fly  to  serve  specific  busi¬ 
ness  functions. 

“Customers  say  70%  of  their  IT  budgets 
are  spent  on  managing  the  complexity  in 
their  data  center^  says  Steve  McKay,  vice 
president  of  N1  at  Sun.“Nl  is  focused  on 
reducing  that  number  and  allowing  com¬ 
panies  to  do  more  with  less.”  He  declined 
to  estimate  what  kind  of  returns  N1  might 
deliver. 

The  first  N1  products  under  Phase  1  of 
the  program  are  expected  to  be  rolled  out 
at  the  end  of  this  year  and  will  be  aimed  at 
virtualizing  storage,  systems  and  network 
equipment.  Sun  moved  to  bolster  its  stor¬ 
age  virtualization  offerings  with  the  acqui¬ 
sition  earlier  this  month  of  start-up  Pirns 
Networks.  Pirus  makes  a  storage  switch 
that  promises  to  help  businesses  consoli¬ 
date  mixed  storage  devices  and  servers 
under  a  single  management  interface. 

Phase  two  of  N 1  will  encompass  service 
provisioning  that  will  map  services,  such 
as  Web  services  or  e-mail,  to  specific  net¬ 
work  resources.  A  provisioning  engine  is 
scheduled  to  be  released  in  mid-2003  that 
will  let  administrators  specify  the  busi¬ 
ness  service  definition  for  a  service  and 
provision  the  resources  required  from  the 
virtual  pool. 

The  final  phase  is  expected  to  bring  with 
it  delivery  in  2004  of  dynamic  policy  man¬ 
agement  products, including  a  rules-based 
policy  management  engine.  Ultimately  N1 
architectures  will  be  able  to  learn  the 
behavior  of  resources  and  dynamically 
update  those  as  services  and  policies  are 
modified. 

Some  users  are  skeptical  of  the  virtual¬ 
ization  promise.  Joshua  Gould,  systems 
manager  for  the  Computer  and  Inform¬ 
ation  Sciences  group  at  The  Ohio  State 
University  in  Columbus,  which  has  30  Sun 
workgroup  servers,  says  initiatives  “like  this 
are  always  marketed  to  ‘simplify’  manag¬ 
ing  large  groups  of  servers.  With  Magic 
Product  X,  you’ll  be  able  to  handle  the 
same  numbers  of  servers  with  fewer  peo- 
ple.”Although,  he  says  he  has  doubts 
about  N1  working  in  practice. 

At  the  show.  Sun  also  said  it  plans  to 
deliver  X86-based  Linux  desktops  for  use 
in  call  centers,  retail  outlets  and  class¬ 
rooms  where  a  fully  fledged  PC  isn’t  re- 
quired.The  products  are  due  out  next  year 
and  will  run  open  source  programs  such 
as  the  Mozilla  Web  browser,  the  Open- 
Office  productivity  suite  and  Evolution, an 
open  source  e-mail  program. 

A  typical  customer  package  will  include 
100  PCs  and  a  small  server  running  Sun's 
portal  and  identity  server  software,  the 
company  says.  The  systems,  on  average, 
will  cost  $49  per  month,  per  user,  com¬ 
pared  with  about  $170  per  user,  per 
month,  for  a  typical  Windows  PC. 

Sun  also  made  several  security  announ¬ 
cements,  including  the  contribution  of  its 
Elliptic  Curve  Cryptographic  public-key 
system  for  mobile/wireless  environments 
to  the  OpenSSL  Project.  ■ 


Complete  SAN  LAN  performance  tools. 

Finisar  has  been  offering  its  customers  the  tools  necessary  to  increase  efficient 
network  operation  for  over  14  years.  Finisar’s  family  of  network  analysis  and 
performance  testing  products  ensure  optimum  performance  through  constant 
monitoring,  measuring  and  analysis;  locating  and  repairing  problems  before 
they  cause  an  impact. 

Listening  to  customer  needs,  we  develop  products  that  are  flexible  and  scalable 
to  grow  and  evolve  with  today’s  SAN  and  LAN  environments.  No  other  company 
offers  products  as  easy-to-use  and  easy-to-implement. 

Take  a  test  drive. 

Remove  the  gridlock  from  your  network.  Test  drive  Finisar  Performance  Tools  at 
www.finisar.com/testdrive 

Gartner  IT,  Orlando  •  CTIA  Wireless,  Las  Vegas 
San  Diego,  San  Francisco,  Seattle,  Chicago,  Dallas,  Atlanta,  Boston  &  New  York 

F or  more  details: 
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In  a  world  where  there’s  a  different  kind  of  threat  every  day,  you  need  a  different  kind  of  security. 

New  threats  can  blow  through  any  firewall  or  anti-virus  software.  That's  why  you  need  the  RealSecure4  Protection 
System.  It  dynamically  detects,  prevents  and  responds  to  an  ever-changing  spectrum  of  online  threats  to  your  business. 
RealSecure  protects  your  networks,  servers  and  desktops.  And  it  provides  powerful,  centralized  management  that's 
both  simple  and  cost-effective.  No  matter  who  you're  up  against.  Call  us  at  800-776-2362.  Or  visit  www.iss.net/nww. 
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HP,  Sun  add  flexibility  to  server  lines 

New  Proliant  server  among  HP  offerings;  Sun  addresses  workload  management 


■  BY  JOHN  FONTANA 

In  an  effort  to  meet  corporate 
demand  for  server  environments 
that  can  adapt  to  changing  net¬ 
work  loads,  Hewlett-Packard  last 
week  added  depth  to  its  ProLiant 
line  while  Sun  added  a  module 
for  workload  management  of  its 
Sun  Fire  products. 

HP  introduced  a  new  ProLiant 
server  and  enhanced  two  others 
in  its  ML300  line  for  small  and 
midsize  businesses  running  en¬ 
terprise-class  applications.  All  are 
designed  around  HP’s  adaptive 
infrastructure  architecture  that 
lets  network  executives  tweak 
servers  on  the  fly. 

HP’s  newest  server  is  the  ML- 
310,  which  uses  a  single  Intel 
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Pentium  4  processor  and  comes 
with  AT  Attachment  RAID.  Users 
have  an  option  to  add  Smart- 
Array  SCSI  RAID  controllers  and 
HP  tape  back-up  devices. 

HP  also  enhanced  the  ML350, 
a  two-way  server  with  an  ex¬ 
pandable  5U  (8.75-inch)  rack  or 
tower  platform.  The  server  sup¬ 
ports  Intel’s  Xeon  2.0  and  2.2- 
GHz  processors.  The  platform’s 
four  64-bit  expansion  slots  have 
been  upgraded  to  100MHz  with 
PC1-X  from  the  original  33MHz. 
The  maximum  amount  of  sup¬ 
ported  RAM  has  been  doubled 
to  8G  bytes. 

These  improvements  are  “all 
about  reliability’ says  Eric  School- 
ey,  network  administrator  for 
Wyoming  State  Parks  and  Cultural 
Resources.  “What  1  have  is  a 
known  quantity  that  fits  perfectly 
in  my  seven  remote  offices.” 

Schooley  says  he  uses  the 
servers  primarily  to  host  NetWare 
file  and  print  services. 

The  ML370  is  a  two-way  rack  or 


tower  expansion  server  that 
supports  up  to  two  Intel  Xeon 
2.4-GHz  processors  with  hyper¬ 
threading,  and  up  to  12G-bytes 
of  Double  Data  Rate  memory.  HP 
has  added  its  Integrated  Lights- 
Out  technology  for  remote  man¬ 
agement  as  a  standard  feature. 


In  addition  to  the  server  im¬ 
provements,  HP  last  week  also 
released  its  ProLiant  Essentials 
Workload  Management  Pack  2.0. 
The  software  lets  users  define 
processor  and  memory  re¬ 
sources  for  specific  applications 
so  the  applications  don’t  collide 
with  each  other  when  run  on  a 
single  consolidated  server. 


All  three  servers  support  Win¬ 
dows  and  Linux.The  ML310  starts 
at  $1,200,  the  ML350  starts  at 
$1,850  (tower)  and  $2,100  (rack), 
and  the  ML370  starts  at  $2,709 
(tower)  and  $3,009  (rack). 

Meanwhile.Sun  released  a  work¬ 
load  management  module  called 


Web-based  Enterprise  Manage¬ 
ment  Dynamic  Reconfiguration 
that  allows  administrators  to  auto¬ 
matically  allocate  resources, such 
as  CPU  and  memory  on  their  Sun 
Fire  servers  to  coincide  with  vary¬ 
ing  user  demand  for  server-based 
applications.  The  module  works 
with  the  entry-level,  eight-proces¬ 
sor  3800  all  the  way  up  to  the  106- 
processor  15K. 

The  module  plugs  into  BMC 
Software’s  Patrol  software  for 
workload  monitoring  and  is 
based  on  the  Web-based  Enter¬ 
prise  Management  standard. 

“The  moving  of  resources  has 
been  a  manual  process  to  main¬ 
tain  consistent  server  levels,” 
says  Ken  Won,  director  of  enter¬ 
prise  server  marketing  for  Sun. 
“This  sort  of  technology  is  in  the 
mainframe  world,  and  we  are 
pushing  to  bring  it  into  the  Unix 
world.” 

Sun  plans  to  ship  the  module  in 
the  first  half  of  next  year  and  will 
offer  it  as  a  free  download.* 
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THIS  WEEK’S  QUESTION: 

Which  operating 
system  was  known  by 
the  code  name  Jaguar? 


Cisco  packs  power  in  switches 


has 


■  BY  PHIL  HOCHMUTH 

SAN  JOSE  —  Cisco  last  week  unveiled  mod¬ 
ular  wiring  closet  switches  aimed  at  keeping 
converged  voice  and  data  networks  up  and 
running. 

The  Catalyst  4500  series  of  Layer  2  to  4  Ether¬ 
net  switches  can  be  configured  to  provide 
PCs  with  uninterruptible  network  connectivi¬ 
ty  and  deliver  inline  power  for  IP  phones  and 
wireless  LAN  access  points. 

“A  trend  among  Ethernet  switch  vendors 
been  to  increase  the  kinds  of  functionality  put  into 
the  wiring  closet,"  says  Chris  Kozup,  a  senior 
research  analyst  with  Meta  Group.“Whereas  before, 
everyone  was  preaching  simplicity  at  the  edge,  and 
Layer  3  routing  and  other  features  in  the  core.” 

The  Catalyst  4500  line  consists  of  the  4507R.4506 
and  4503,  which  are  seven-, six-  and  three-slot  chas¬ 
sis,  respectively  Each  of  the  new  switches  comes 
with  integrated  power  supplies  for  providing  inline 
48-volt  DC  current  to  IP  phones;  previous  models 
required  external  power  supplies. 

They  also  can  be  outfitted  with  Cisco’s  upgraded 
Supervisor  IV  management  module, which  features 
more  memory  and  works  faster  than  previous  ver¬ 
sions.  Two  of  the  modules  can  provide  subsecond 
failover  for  each  other  in  the  4507R. 

The  4507R  and  4506  support  up  to  240  10/100/ 
lOOOBase-T  connections  and  have  a  switching 
capacity  of  64G  bit/sec.The  4503  supports  up  to  96 
10/100/1000M  bit/sec  ports  and  has  a  28G  bit/sec 
backplane.  All  three  can  be  outfitted  with  modules 


Cisco  says  its  Catalyst  4500  line  of  switches  can  improve 
resiliency  in  a  backbone  or  at  the  LAN  edge. 


originally  built  for  4000-series  switches. 

Security  features  resiliency  include  support  for 
802.  IX,  which  provides  user-level  authentication, 
and  line-rate  Access  Control  Lists,  for  blocking 
groups  or  individual  users  from  accessing  network 
resources.  Also  included  is  the  Dynamic  Host 
Configuration  Protocol  Tracker,  for  locating  which 
port  an  end  user  is  attached  to  via  a  dynamically 
allocated  IP  address. 

Coming  next  year  in  the  Supervisor  IV  engine  will 
be  support  for  the  NetFlow  daughtercard.The  card 
could  be  used  to  collect  data  about  switch  perfor¬ 
mance,  such  as  monitoring  application  perfor¬ 
mance  or  overall  switch  activity. 

Among  the  products  that  the  Catalyst  4500  series 
will  compete  against  Hewlett-Packard’s  ProCurve 
chassis  switches,  Enterasys  Networks’  Matrix  switch¬ 
es  and  Foundry  Networks’  Fastlron  Edge  Switches. 

The  Catalyst  4507R,  4506  and  4503  cost  $10,000, 
$5,000  and  $1,000,  respectively  The  Supervisor  IV 
engine  starts  at  $13,500. 

Cisco:  www.cisco.com 
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A  winning  team:  High  tech  and  low  stress.  Introducing  the  IBM  (©server  iSeriesT“890. 32-way  processor,  twice 
the  memory  and  I/O1.  That’s  mainframe  power.  Dynamic  logical  partitioning,  self-optimizing  disk  management  and 
single-network  sign-on.  That’s  low-stress  simplicity.  So,  like  the  entire  iSeries  line,  the  i890  couples  high 
performance  with  ease.  For  a  paper  on  how  i890  can  deliver  mainframe  power  and  simplicity  to  your  business,  go  to 
ibm.com/eserver/i890.  Raise  your  standards.  Not  your  blood  pressure. 


@  business  is  -the.  jvhZ.  ffoy  ft  tv'ri 


As  compared  to  the  IBM  eServer  iSeries  840  IBM.  the  e-business  logo,  eServer,  iSeries  and  e-business  is  the  game.  Play  to  win  are  trademarks  or  registered  trademarks  of  International  Busme 
United  States  andtor  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  ol  others.  ©  2002  IBM  Corporation  All  rights  reserved. 
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Information  by  Phone  lakes  on  a 


Extend  the  value  of  your  IP  telephony  solution 
with  application  and  content  transformation 
solutions  from  Cisco  Systems 


OOKING  AROUND  TODAY’S  OFFICES,  HOTEL  LOBBIES,  OR  COLLEGE  CAMPUSES,  YOU  MAY  SEE  SLEEK 
new  phones  with  eye-catching  information  displays. These  phones  demonstrate  an  exciting  new  advan¬ 
tage  of  IP  telephony:  the  ability  to  enable  interaction  with  business  applications  using  the  screens,  and 
eventually  the  speakers,  of  these  IP  phones. 


The  convergence  of  voice,  video,  and  data  on  a  single  IP  network — enabled  by 
Cisco  AVVID,  the  Cisco  Architecture  for  Voice,  Video,  and  Integrated  Data — is 
changing  the  way  organizations  communicate  and  conduct  business.  Voice  and 
video  can  now  be  transported  as  high-priority  data  on  the  same  network  as  rout¬ 
ed  data  traffic,  lowering  network  costs  and  optimizing  business  communications. 

The  Cisco  CTE  1400  Series  Content  Transformation  Engine  enhances  the 
benefits  of  Cisco  AWID  by  delivering  applications  to  Cisco  IP  Phones,  enabling 
their  use  as  information  appliances  and  streamlining  operations  across  an  enter¬ 
prise.  Equipped  with  a  large  LCD  display,  a  browser,  a  high-speed 
connection,  and  a  speaker,  the  Cisco  IP  Phones  can  be  used  for 
everything  from  making  phone  calls  to  accessing  business  applica¬ 
tions  and  the  Internet,  all  from  one  convenient  place. 

Through  an  easy-to-use  graphical  development  environment,  the 
Cisco  CTE  1400  simplifies  delivery  of  powerful  applications  to 
Cisco  IP  Phones.  These  “transformed”  applications  enable  your  company  to 
increase  productivity  and  improve  customer  service  while  realizing  greater  return 
on  investments  in  both  the  phone  system  and  corporate  applications. 

Transforming  Applications  and 
Content  for  the  Phone  Display 

The  Cisco  CTE  1400  takes  existing  Web  and  extensible  markup  language 
(XML)-based  applications  and  transforms  them  for  display  and  access  on  Cisco 

Saving  Money  and  Paper  with  Cisco 

Forged  Metals,  Inc.  is  already  seeing  the  benefits  of  Cisco  IP  Phones  and  the  Cisco 
CTE.  The  Fontana,  California-based  company  produces  seamless  rolled  rings  and 
open  die  forgings  for  jet  engines,  land-based  turbines,  and  aerospace  applications. 

Forged  Metals  is  using  the  Cisco  CTE  to  connect  Cisco  7960  IP  Phones  to  an  ADP  time 
clock  application  and  an  Oracle  E-Business  Suite  of  applications.  By  replacing  time 
clocks  with  an  application  on  the  Cisco  IP  Phone,  Forged  Metals  estimated  savings  of 
approximately  $12,000  on  the  two  time  clocks  originally  proposed,  and  the  company 
soon  extended  the  time-keeping  solution  to  more  than  100  locations  throughout  their 
facility,  saving  more  than  $100,000  on  the  entire  project  and  gaining  a  more  realistic  and 
robust  solution. 

By  transforming  the  Oracle  E-Business  Suite  applications  with  the  Cisco  CTE,  Forged 
Metals  is  replacing  paper-based  entry  of  job  information.  Employees  now  use  the  Cisco 
7960  IP  Phone  to  enter  job  transaction  information  and  job  costing  data,  which  reduces 
the  costs  and  error  rate  of  transferring  information  from  paper  to  computers.  Forged 
Metals  can  also  avoid  the  expense  of  using  PCs  or  terminals  to  collect  job  information. 

Forged  Metals  already  offers  tenancy  on  its  Cisco  CallManager  IP  telephony  solution 
to  its  vendors  and  other  companies  looking  to  implement  IP  telephony.  The  company 
also  plans  to  deploy  applications  on  these  tenant  IP  phones  to  improve  interaction  with 
its  suppliers. 


The  Cisco  CTE  1400  Series  Content  Transformation  Engine 

IP  Phones,  wireless  personal  digital  assistants  (PDAs),  cellular  phones,  and  two- 
way  pagers. The  Cisco  CTE  provides  a  built-in  client  adapter  for  Cisco  IP  Phones 
that  transforms  applications  to  the  required  screen  size,  computing  power,  and 
XML  markup  tag  specifications.  Example  applications  include: 

■  Enterprise  applications,  such  as  e-mail,  intranets,  corporate  directories,  confer¬ 
ence-room  booking,  company  dashboards,  expense  reporting,  broadcast  mes¬ 
sages,  sales  force  automation,  inventory  control,  time  clocks,  scheduling  appli¬ 
cations,  and  order/ shipment  tracking 

M  Service  applications,  such  as  a  “virtual  concierge”  for  a  hotel;  price  checks,  an 
item  locator,  and  an  inventory  check  for  retail  stores;  and  online  reference 
libraries,  patient  tracking,  and  scheduling  applications  for  hospitals 

■  Education  applications,  such  as  attendance  records,  class  and  final  exam  sched¬ 
ules,  campus  directories,  and  AV  equipment  scheduling 

In  some  cases,  a  Cisco  IP  Phone  can  even  eliminate  the  need  to  install  a  PC. 

How  It  Works 

The  Cisco  CTE  has  a  simple  point-and-click 
Design  Studio  tool  that  defines  the  portions, 
layout,  and  sequencing  of  the  application  that 
will  be  presented  on  the  Cisco  IP  Phone.The 
CTE  Design  Studio  includes  an  emulator  of 
the  Cisco  IP  Phone  screen  to  guide  applica¬ 
tion  layout  and  testing.  The  Design  Studio 
saves  a  set  of  transformation  rules,  which  are 
used  by  the  Cisco  CTE  whenever  you  access 
an  application  using  a  Cisco  IP  Phone. 

Easy  to  Deploy 

The  Cisco  CTE  hardware  requires  only  a  single  rack  unit  and  integrates  well 
with  other  network  elements.  Each  Cisco  CTE  appliance  provides  Secure 
Sockets  Layer  (SSL)  security  for  up  to  1000  simultaneous  connections  and  10,000 
user  sessions;  you  can  serve  higher  demand  levels  simply  by  adding  Cisco  CTE 
units.  The  solution  works  with — and  requires  no  change  to — existing  Web  and 
XML-based  applications. 

Optimize  Business  Communications 

The  combination  of  IP  telephony  and  application  transformation  offers  another 
way  to  optimize  your  business  communications.  The  Cisco  CTE  provides  a  pow¬ 
erful  tool  for  delivering  applications  and  information  access  to  many  devices. 
Together,  they  bring  new  value  and  impact  to  conducting  your  business  by  phone. 


FOR  MORE  INFORMATION 

■  For  a  LIMITED  time,  Cisco  is  offering  a  discount  on  purchasing  the  CiscoCTE  1400  and  CiscolP  phones  together.  Visit: 
www.cte1400.com/offer  to  learn  more. 

■  To  learn  more  about  the  Cisco  CTE  1400  Series  Content  Transformation  Engine,  visit:  www.cisco.com/go/cte. 

■  For  more  information  on  IP  telephony  solutions  from  Cisco,  visit:  www.cisco.com/warp/public/779/largeent/avvid/solutionsrip_tel.html 


C  oj>\  right  C  Cisco  Systems,  Inc.  All  rights  reserved.  Cisco,  Cisco  IOS,  Cisco  Systems,  and  the  Cisco  Systems  logo  are  registered  trademarks  or  trademarks  of  Cisco  Systems,  Inc.  and/or  its  affiliates  in  the  U.S.  and  cer¬ 
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■  TCP/IP,  LAN/WAN  SWITCHES 

■  ROUTERS  ■  HUBS 

■  ACCESS  DEVICES  ■  CLIENTS 

■  SERVERS  ■  OPERATING  SYSTEMS 

■  VPNS  ■  NETWORKED  STORAGE 


Fibre  Channel  getting  its  second  wind 

New  products,  standards  move  storage  network  technology  forward. 


■  BY  DENI  CONNOR 

New  technologies  such  as  10G  Ethernet, 
iSCSI  and  InfiniBand  have  generated 
plenty  of  buzz  in  the  network  storage 
market  over  the  past  year.  But  the  real 
action  of  late  comes  from  a  rather  un¬ 
likely  source:  good  old  Fibre  Channel. 

Witness  this  sampling  of  recent  and 
upcoming  Fibre  Channel  news: 

•  Cisco  blessed  the  technology  by 
spending  as  much  as  $2.5  billion  on  start¬ 
up  Andiamo  Systems  and  introducing  a 
line  of  midrange  and  director-level  Fibre 


■■■  " 

■  .  •  • 

Takes 


■  Marconi  last  week  announced 
general  availability  of  its  BXR-48000 
switch  router  and  a  sale  of  the  prod¬ 
uct  to  the  U.S.  government.  Terms 
of  the  sale,  including  the  number  of 
switches  purchased,  were  not 
disclosed. 

The  U.S.  Department  of  Defense 
will  deploy  the  switch,  which  scales 
from  40G  to  480G  bit/sec,  in  an  OC- 
192  ATM  network,  Marconi  says. 

The  federal  government  has  spent 
$1.3  billion  over  the  years  as  a 
Marconi  customer,  during  which 
time  it  has  installed  switches  such 
as  the  ASX-200BX,  ASX-1000  and 
ASX-4000  switches,  the  company 
says. 

■  InfiniCon  Systems  this  week  will 
launch  a  switch  for  connecting  ser¬ 
vers  containing  InfiniBand  host  chan¬ 
nel  adapters  to  each  other,  as  well  as 
to  storage  devices  on  Fibre  Channel 
networks  and  network  or  storage 
devices  on  Gigabit  Ethernet  net¬ 
works.  The  InfinlO  7000  features  as 
many  as  six  10G  bit/sec  InfiniBand 
ports,  three  Gigabit  Ethernet  ports 
and  two  2G  bit/sec  Fibre  Channel 
ports  in  a  3U  (5.2-inch-high)  rack¬ 
mounted  chassis.  It  costs  from 
$26,740  to  $84,320  depending  on  con¬ 
figuration.  www.infinicon.com 


Channel  switches  based  on  technology 
obtained  in  the  buyout. 

•  Network  Appliance,  which  has  made 
its  reputation  in  the  network-attached 
storage  business,  next  month  will  add 
Fibre  Channel  to  its  mix  with  the  addi¬ 
tion  of  a  storage  device  that  handles  not 
only  file-level  NAS  but  also  block-level 
Fibre  Channel  storage-area  network 
(SAN)  data. 

•  New  protocols  for  blending  Fibre 
Channel  and  IP  are  nearing  standards 
status  within  the  Internet  Engineering 
Task  Force. 

•  Previously  limited  to  1G  bit/sec,  Fibre 
Channel  products  now  handle  2G  bit/sec 
throughput,  and  10G  bit/sec  Fibre  Chan¬ 
nel  is  in  the  works. 

The  technology,  which  emerged  in 
1989,  took  years  to  catch  on  as  a  method 
for  connecting  server  and  storage  re¬ 
sources  in  data  centers  and  in  SANs. 
Critics  pointed  to  interoperability  prob¬ 
lems,  distance  limitations,  cost  and  a 
shortage  of  experienced  Fibre  Channel 
experts  in  IT  departments. 

Yet  Fibre  Channel  has  won  converts 
because  the  technology’s  speed  and  dis¬ 
tance  support  has  fared  well  against  that 
of  SCSI  and  other  storage  network  tech¬ 
nologies.  Gartner  says  Fibre  Channel  was 
nearly  a  $1.5  billion  business  last  year  and 
likely  will  quadruple  in  size  by  2006.  And 
The  Yankee  Group  says  as  many  as  37%  of 
organizations  have  SANs  installed,  with 
that  figure  expected  to  increase  to  50%  by 
year-end. 

“Fibre  Channel  has  proven  itself  to  be 
worthy  of  the  data  center,  and  it  works  just 
fine,”  says  Tony  Prigmore,  an  analyst  with 
Enterprise  Storage  GroupTWe  are  past  the 
queasiness  phase  of  Fibre  Channel  —  it 
has  stabilized,  and  its  interoperability  is 
pretty  good.” 

Prigmore  adds  that  Cisco’s  increased 
support  for  Fibre  Channel  also  is  a  boost 
for  the  technology  in  light  of  the  emer¬ 
gence  of  10G  Ethernet  and  other  storage 
network  options. 

“When  the  10G  bit/sec  Ethernet  vs.  Fibre 
Channel  questions  come  up,  you  have  to 


Fibre  Channel  goes  the  distance 

Financial  firm  Effron  is  using  Fibre  Channel  over  IP  (FC/IP)  technology 
to  connect  SANs  between  White  Plains,  N.Y.,  and  New  York  City.  Fibre 
Channel  has  been  criticized  in  the  past  for  its  distance  limitations. 


White  Plains  SAN 


EMC  Clariion  arrays  running 
MirrorView  software 


©MirrorView  software  on  Clariion  storage  arrays 
copies  data  for  transport  over  a  Fibre  Channel 
SAN. 

©  An  FC/IP  device  receives  data  from  a  Fibre  Channel 
switch  and  puts  it  in  an  IP  envelope  for  transport 
over  the  'Net. 


© 

New  York 
City  SAN 


35  miles 

©  On  the  New  York  City  side,  an  FC/IP  device 
unwraps  the  Fibre  Channel  traffic  and  hands  it 
to  the  SAN,  which  is  configured  the  same  as  in 
White  Plains. 


look  at  Cisco,”  he  says. “Shouldn’t  they  be 
leading  us  into  10G  bit/sec  as  the  storage 
interconnect?  But  it  sure  looks  as  if  they 
believe  Fibre  Channel  is  the  accepted 
data  center  interconnect.” 

Christopher  Black,  network  operations 
manager  for  Effron,  an  investment  and 
portfolio  management  company  in  White 
Plains,  N.Y,  is  a  Fibre  Channel  believer.  He 
uses  Fibre  Channel-based  Clariion  storage 
arrays  from  EMC,  Brocade  2G  bit/sec  Fibre 
Channel  switches  and  CNT  UltraNet  Edge 
Storage  Routers  in  his  data  center  to  mirror 
SQL  data  from  one  array  to  another  across 
a  35-mile  IP  span  (see  graphic). 

“We  wanted  to  maximize  our  throughput 
to  the  disk,  so  Fibre  Channel  was  the  obvi¬ 
ous  choice  —  it  was  faster  and  better  tech¬ 
nology  than  SCSI,”  Black  says.  “We  also 
wanted  to  be  able  to  cut  up  the  storage 
array  and  assign  it  to  servers  where  and 
when  we  needed.  Fibre  Channel  is  the  best 
way  to  do  that.” 

Fibre  Channel's  next  act 

The  good  news  for  Fibre  Channel  users  is 
that  the  industry  appears  committed  to 
advancing  the  technology 

Cisco’s  Andiamo  deal  and  Network  Ap¬ 
pliance’s  planned  product  announcement 
are  signs  of  that  commitment.  What’s  more, 
the  arrival  of  these  companies  on  the  Fibre 
Channel  scene  could  drive  down  Fibre 
Channel  pricing. 


Cisco  is  expected  to  be  so  aggressive  on 
pricing  that  an  analyst  from  brokerage  firm 
U.S.  BanCorp  Piper  Jaffrey  recently  issued  a 
research  note  in  which  he  said  Cisco’s  pric¬ 
ing  strategy  could  “negatively  impact  Bro¬ 
cade’s  financial  performance.” 

Brocade  leads  the  market  for  Fibre 
Channel  switching,  with  a  34%  share, 
Gartner  says. 

According  to  Dragon  Slayer  Consulting, 
which  tracks  the  storage  market,  the  cur¬ 
rent  price  per  director-level  Fibre  Channel 
switch  port  is  $3, 100,  but  is  expected  to  fall 
to  about  $1,750  by  year-end. 

Fibre  Channel  users  also  can  look  for¬ 
ward  to  new  products  that  will  let  them  get 
more  out  of  their  SANs  by  extending  them 
across  greater  distances. 

Two  new  technologies,  Fibre  Channel 
over  IP  (FC/IP)  and  Internet  Fibre  Chan¬ 
nel  Protocol  (iFCP).are  designed  to  trans¬ 
port  Fibre  Channel  traffic  across  IP  net¬ 
works,  including  the  Internet. 

Both  technologies  appear  to  be  on  their 
way  to  becoming  IETF  standards  — 
increasing  the  likelihood  of  them  becom¬ 
ing  supported  in  products  from  main¬ 
stream  network  storage  vendors. 

Prestandard  implementations  of  FC/IP 
are  available  from  companies  such  as 
CNT  and  EMC,  while  products  supporting 
iFCP  are  available  from  vendors  such  as 
Nishan  Systems. 

See  Fibre  Channel,  page  26 
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1ML  appliances  proliferating 

Dedicated  hardware  is  designed  to  validate,  translate  and  route  XML  traffic. 


While  XML  today  accounts  for  less  than 
2%  of  enterprise  network  traffic,  by 
2006  almost  25%  of  LAN  traffic  will  con¬ 
tain  XML  documents,  ZapLink  says. 


■  BY  ANN  BEDNARZ 

The  beauty  of  XML  is  its  plat¬ 
form  independence  and  flexible 
yet  structured  format.  On  the  flip 
side,  XML  documents  are  band¬ 
width  hogs  that  require  transla¬ 
tion  and  need  to  be  secured. 

To  satisfy  XML’s  handling  re¬ 
quirements,  three  start-ups  have 
come  out  with  appliances  aimed 
at  processing  XML  traffic  quickly, 
securely  and  smartly.  Each  is 
emphasizing  slightly  different 
features,  although  their  products 
overlap. 

DataFbwer  Technology  is  aim¬ 
ing  for  speed.  Last  month,  the 
company  announced  the  XA35 
XML  Accelerator,  a  network  de¬ 
vice  built  to  process  XML  at  wire 
speed  and  improve  application 
response  times.  DataFbwer  says  its 
1U  (1.75-inch-high)  XA35,  which 
starts  at  $55,000,  accelerates  XML 
processing  tenfold  or  more. 

Forum  Systems  is  tackling  secu¬ 
rity.  In  June,  the  vendor  released 
the  Sentry  1500  hardware  appli¬ 
ance  for  encrypting  and  decrypt¬ 
ing  XML  content.  The  1U  Sentry 
1500,  which  starts  at  $35,000,  can 
protect  the  data  within  an  XML 
document,  not  just  the  packet 
itself,  Forum  says.  The  Sentry 
2500,  a  2U  (3.5-inch-high)  model 
with  built-in  failover  capability,  is 
due  this  fall. 

Sarvega  is  focusing  on  intelli¬ 
gent  routing.  In  May,  the  com¬ 
pany  unveiled  the  XPE  Switch,  a 
content-aware  switch  that  se¬ 
cures,  routes  and  prioritizes  XML 
traffic. 

Sarvega’s  4U  (7-inch-high)  XPE 
Switch,  which  starts  at  $100,000, 
can  understand  specific  tags 
within  an  XML  document  and 
give  priority  to  certain  transac¬ 
tions,  such  as  a  sales  order  vs.  a 
customer  address  change.  The 
next  version,  due  out  by  year- 
end,  will  be  slimmer  and  include 
additional  features  for  securing 
XML  content. 

At  their  most  basic,  these  new 
devices  off-load  XML  processing 
from  application  servers,  which 
can  get  bogged  down  parsing, 
translating  and  routing  XML  doc¬ 
uments. The  devices  sit  behind  a 
firewall  and  in  front  of  Web  and 
application  servers.  They  read 
passing  packets,  perform  re¬ 
quired  validation,  translation 
and  transformation  tasks,  and 


XML  handlers 

Dedicated  XML  appliances 
relieve  servers  of  XML 
processing  chores,  such  as: 

•  Validating  and  logging  XML 
traffic. 

•  Translating  XML  dialects. 

•  Prioritizing  and  routing  XML 
traffic  to  appropriate  servers. 

•  Encrypting  and  decrypting 
data  within  an  XML  document. 

forward  requests  contained  in 
the  XML  documents  to  an  appro¬ 
priate  server. 

“All  these  companies  see  XML 
as  the  next  network  traffic  that 
needs  to  be  tamed.  And  they 
have  a  good  point,”  says  Ron 
Schmelzer,  senior  analyst  at 
ZapThink. 

Traffic  management  for  XML 
will  become  increasingly  impor¬ 
tant  as  traffic  levels  multiply, 
experts  say.  ZapThink  predicts 
burgeoning  growth:  While  XML 
today  accounts  for  less  than  2% 
of  enterprise  network  traffic,  by 
2006  almost  25%  of  LAN  traffic 
will  contain  XML  documents,  the 
firm  says. 

XML’s  processing  requirements 
differ  from  switching  and  net¬ 
work  protocol  routing,  Schmelzer 
says. 

“Part  of  what  makes  XML  differ¬ 
ent  from  other  kinds  of  network 
traffic  is  that  you  can’t  identify  it 
by  packets  in  the  header,”  he 
says.“You  have  to  be  able  to  look 
at  every  piece  of  information  on 
the  network,  and  you  have  to 
decrypt  it,  decompress  it,  parse  it 
and  understand  it.  It  can  be  a 
real  challenge.” 

The  emergence  of  dedicated 
devices  to  handle  these  tasks  is  a 
natural  evolution,  according  to 
Forrester  Research. 

“As  the  volume  of  XML  traffic 
running  between  firms  multi¬ 
plies,  the  tasks  of  routing, parsing 
and  acting  on  traffic  will  overtax 
general-purpose  processors,” 
Forrester  says. 

For  Hemscott,  a  business  infor¬ 
mation  and  research  company 
in  London,  an  XML  bottleneck 
was  hindering  customer  service. 

To  compile  financial  reports 
that  customers  access  over  the 
Web,  Hemscott  was  pulling  data 
from  an  Oracle  database  and 
translating  it  from  XML  to  HTML 


to  generate  dynamic  Web  con¬ 
tent.  But  the  bulky  transforma¬ 
tions  were  bogging  down  ser¬ 
vers.  By  moving  XML  processing 
onto  DataPower’s  XA35,  Hem¬ 
scott  was  able  to  get  its  custom 
reports  to  customers  in  less  than 
1  second,  as  opposed  to  15  to  20 
seconds. 

Ray  Beaumont,  technical  archi¬ 
tect  at  Hemscott,  says  the  firm 
looked  first  at  software  options, 
but  couldn’t  find  any  that  could 
yield  “orders  of  magnitude 
faster”  XML  processing.  Beau¬ 
mont  says  he  would  have  pre¬ 
ferred  a  software  solution  over 
adding  specialized  hardware 
that  could  potentially  fail,  but 
DataPower’s  performance  gains 
won  him  over. 

“We  had  a  good  debate  about 
all  that,  and  I’m  comfortable  we 
made  the  right  decision  here,” 
Beaumont  says.  “There’s  nothing 
really  that  came  near  the  XA35  in 


terms  of  a  software  solution.” 

Forrester  compares  XML  pro¬ 
cessing  to  IP  routing,  Secure 
Sockets  Layer  encryption  and 
intrusion  detection  —  tasks 
that  initially  were  handled 
by  general-purpose  servers 
and  migrated  over  time  to  ded¬ 
icated  hardware. 

As  demand  grows,  better- 
known  hardware  vendors  likely 
will  tackle  XML  processing, along 
with  the  start-ups.  Companies 
such  as  Cisco  and  F5  Networks 
already  make  application-aware 
devices  that  handle  Layer  7  traf¬ 


fic  based  on  the  content  of  that 
traffic.  Optimizing  those  devices 
for  XML  traffic  could  be  the  next 
step,  experts  say. 

F5  will  get  into  the  XML  pro¬ 
cessing  market,  Schmelzer  pre¬ 
dicts. 

“If  they’re  already  looking  at 
traffic,  they  can  start  to  look  a  lit¬ 
tle  more  deeply  at  things  like 
XML  traffic,”  he  says. 

Indeed,  F5  confirms  that  it  is 
looking  into  the  area  of  XML 
acceleration,  according  to  a 
spokesperson.  But  the  company 
declined  to  detail  its  plans.  ■ 


RLX  revs  up  new  blade  server 


■  BY  DENI  CONNOR 

HOUSTON  —  RLX  Technol¬ 
ogies  last  week  announced  a 
server  blade  it  says  runs  Web 
and  other  applications  twice 
as  fast  as  earlier  models. 

RLX  says  its  ServerBlade 
1200i,  which  runs  on  a  1.2- 
GHz  Pentium  111  processor,  is 
designed  to  handle  dynamic 
applications  in  clustered 
environments. 

“What  they  have  built  is 
something  that  will  have  a  lot 
of  use  for  the  Web  tier  in  the 
data  center,”  says  Jamie 
Gruener,  a  senior  analyst  with 
The  Yankee  Group.  “They  still 
need  to  prove  themselves  a 
little  more  to  be  accepted  at  the 
application  server  tier.  RLX  faces 
a  race  against  time  with  other 
large  system  vendors  and  their 
blade  server  platforms.” 

Among  those  challengers  will 
be  IBM  and  Intel,  which  last 
week  announced  plans  to  build 
blade  servers  together. 

As  for  RLX,  up  to  12  of  its  new 
blades,  which  boast  up  to  2G 
bytes  of  RAM  and  one  or  two 
60G-byte  Integrated  Drive  Elec¬ 
tronics  (IDE)  drives,  can  fit  in  a 


Up  to  12  RLX  ServerBlade  1200s  can  fit  in  ; 
chassis,  and  up  to  168  can  fit  in  a  rack. 


3U  (5.25-inch-high)  chassis.  Up 
to  168  blades  handling  20  tera¬ 
bytes  of  data  can  fit  in  a  standard 
rack. 

Each  blade  contains  three 
Ethernet  adapters  —  one  for 
managing  the  blade  and  two  for 
connecting  to  a  network  or  net- 
work-attached  storage.  They  can 
run  Windows  or  Linux. 

The  1200i  is  interchangeable 
with  RLX’s  previous  blades,  the 
ServerBlade  800i  and  the  667. 
The  800i  uses  a  low-power  Pen¬ 


tium  111  processor  operating 
at  800  MHz;  the  ServerBlade 
667  uses  a  Transmeta  pro¬ 
cessor  running  at  667  MHz. 
They  are  intended  for  load 
balancing,  caching  and  stat¬ 
ic  Web  server  environments, 
where  density  and  low 
power  consumption  are 
important. 

The  company  also  has 
upgraded  its  Control  Tower 
management  and  provision¬ 
ing  software.  Version  4  adds 
role-based  authentication 
and  access,  an  increased 
provisioning  capability  and 
a  high-availability  failover 
option.  The  failover  option 
consists  of  software  and  two 
RLX  Control  Tower  4  blades. 

A  1200i  with  120G  bytes  of  disk 
space  and  256M  bytes  of  mem¬ 
ory  costs  $2,230.  The  failover 
package  costs  $7,000. 

RLX:  www.rlx.com 


Servers 


Subscribe  to  our  free  newsletter. 
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NetScreen  can.  NetScreens  line  of  purpose-built  security 
systems  and  appliances  has  the  flexibility  and  performance 
to  handle  new  threats.  And  evolve  with  them.  Keeping  not 
only  the  central  site  connected  and  secure,  but  also  your 
wireless  LANs  and  remote  offices.  NetScreens  solutions 
offer  integrated  VPN,  firewall  and  network  attack  blocking. 
All  of  which  are  key  to  keeping  predators  under  control. 
And  your  entire  enterprise  out  of  trouble.  Find  out  more 
about  securing  your  place  at  the  top.  Download  a  white  paper 
on  protecting  your  network  from  the  new  generation  of 
security  threats  at  www.netscreen.com/ad/na_nw. 


You’re  the  king.  Strong.  Safe.  Protected.  Right?  Wrong. 

The  fact  is,  if  your  network  isn’t  protected  by  NetScreen,  you 
could  be  far  from  safe.  You  see,  technological  advances  don’t 
only  occur  in  the  corporate  world.  Predators  —  inside  and 
outside  your  network  —  have  also  made  leaps  and  bounds. 
Frojan  Morses.  Worms.  Nimda.  Code  Red.  Denial  of  Service 
attacks.  All  emerging  threats  that  many  legacy  security 
solu  tions  just  can’t  handle. 
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Sometimes  1  watch  television  just  to 
be  entertained  by  a  series  of  adver¬ 
tisements,  those  that  are  more  enjoy¬ 
able  than  the  shows  that  interrupt  them. 
For  example,  take  the  latest  round  of 
Apple  Computer  ads  —  the  “switch”  cam¬ 
paign.  Each  supposedly  showcases  a  for¬ 
mer  Wintel  PC  user  who  finally  “saw  the 
light”  and  went  over  to  Steve  Jobs’  side.  1 
find  them  so  amusing  because  they  are 
obviously  targeted  toward  those  who  feel 


Fibre  Channel 

continued  from  page  23 

Further,  products  based  on  these  emerg¬ 
ing  standards  will  be  integrated  with  prod¬ 
ucts  from  companies  such  as  InRange  and 
Sicorp  that  extend  the  distance  of  Fibre 
Channel  links. 

Another  bright  spot  for  Fibre  Channel 
customers  is  that  product  vendors  are  start¬ 
ing  to  swap  APIs  that  can  be  used  to  sup¬ 
port  multivendor  management.  EMC, 
Hewlett-Packard  and  IBM  are  among  the 
companies  that  have  been  involved  in 
such  exchanges.  A  new  specification  called 
Bluefin  also  is  on  the  table  for  managing 
SANs  based  on  different  vendors’  products. 


Gan  an  Apple  a  day  really  keep  the  IT  expert  away? 


that  PCs  for  Dummies  is  too  technical. 

There’s  Janie  Fbrche,  the  young  woman 
who  saved  Christmas  (see  www.nwfusion 
.com,  DocFinder:  2333).  It  seems  her  poor 
dad  needed  to  spend  hours  downloading 
drivers  for  his  new  digital  camera  (evi¬ 
dently  her  dad  is  still  connected  to  the 
'Net  at  300  baud).  Pbrche  just  “put  a  cord” 
between  the  camera  and  her  Fowerbook, 
and  it  automatically  downloaded  all  the 
pictures.  Imagine  that  —  I  wonder  which 
brand  of  camera  THAT  was! 

Of  course,  the  big  star  is  Ellen  Feiss  (the 
student  many  think  was  high  on  some¬ 
thing  during  the  shoot)  —  she  even  has  a 
fan  club  and  Web  sites  tracking  her  every 
move  (www.ellenfeiss.net). 

These  are  enjoyable  not  because  of  any 
planned  humor,  but  because  it  really 


Effron’s  Black  says  managing  a  multi¬ 
vendor  SAN  from  the  same  interface 
makes  a  lot  of  sense.  “EMC  isn’t  afraid 
with  their  AutolS  platform  to  manage  not 
only  their  product,  but  other  vendors’ 
products,”  he  says. 

Obstacles  exist 

Despite  all  the  progress,  Fibre  Channel 
still  has  its  challenges. 

“There  are  management  and  staffing 
issues,”  says  Jamie  Gruener,  a  senior  analyst 
at  The  Yankee  Group.“I  hear  people  say  they 
don’t  have  enough  staff  [that  knows  Fibre 
Channel  well  enough]  to  build  out  SANs.” 

Observers  say  that  while  technologies 
such  as  FC/1P  and  iFCP  are  being  worked 


shows  the  Macintosh  mentality  Fbrche 
probably  complained  to  her  car  dealer, 
“Who  wants  to  spend  time  putting  gas  in 
the  car?” 

But  there’s  one  that’s  actually  scary. 

Theresa  McPherson  (see  DocFinder: 
2334)  tells  us  she  is  a  lawyer  who  started 
her  own  firm  but  didn’t  want  the  instabil¬ 
ity  of  PCs, so  chose  Macs  for  her  office.She 
also  didn’t  like  the  IT  department  at  her 
old  firm.  They  would  talk  to  her  in  words 
that  were  “too  technical"  for  her  to  under¬ 
stand.  She  just  wanted  to  be  able  to  run 
the  computers  by  herself.  She’s  proud  that 
her  Macs  are  networked  and  she  doesn’t 
need  an  IT  department.  I  wonder  what 
she’d  say  if  I  made  an  ad  for  the  Nolo  self- 
help  law  site  (www.nolo.com)  saying  that 
lawyers  spoke  in  a  jargon  I  couldn’t  under¬ 


on,  even  they  don’t  solve  all  the  latency 
and  data-rate  error  problems  that  SAN  traf¬ 
fic  is  prone  to  when  traveling  long  dis¬ 
tances. 

And  then  there’s  the  confusion  that  new 
technologies  such  as  InfiniBand  and  iSCSI 
are  generating.  Are  they  complementary  or 
competing  technologies  to  Fibre  Channel? 

Prigmore  says  there  is  room  for  them  all 
to  coexist.  InfiniBand  is  more  for  cluster¬ 
ing  servers,  not  so  much  for  transporting 
data  between  servers  and  storage  de¬ 
vices,  he  says. 

And  iSCSI  is  better-suited  for  small  or 
midsize  companies  or  branch  offices 
within  large  companies  than  the  more 
expensive  Fibre  Channel  is,  he  adds.  ■ 


stand,  I  just  want  to  do  it  all  myself? 

Macs  do  have  a  place  in  the  world. So  do 
people  who  work  on  their  own  cars,  com¬ 
puters  or  lawsuits.  But  the  people  doing 
the  work  themselves  better  thoroughly 
understand  what  they’re  doing  because 
something  will  go  wrong. You  will,  eventu¬ 
ally,  need  an  expert.  And  1  would  love  to 
be  the  consultant  McPherson  has  to  call 
in  when  her  network  has  a  problem! 

Kearns,  a  former  network  administrator, 
is  a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  can  be  reached  at 
wired@quill.com. 


Tip  of  the  Week 


We’ve  complained  a  lot 
about  tech  support  and 
help  lines  from  hardware 
and  software  companies,  but 
|  one  vendor  that  consistently 
gets  high  praise  is  Cisco. 

Now  you  can  study  how  the 
|  company  does  it  and  per¬ 
haps  adopt  some  of  its 
methods  for  your  help  desk. 
Cisco  Press  has  just  pub¬ 
lished  E-Support,  subtitled 
How  Cisco  saves  millions 
while  improving  customer 
service.  Visit  www.cisco- 


press.com  to  find  out  more. 
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Now  you  can  take  your  IT  from  costing  money  to  making  money. 

Make  every  bit  of  your  IT  investment  work  for  your  business.  And  spend  less  on  IT  in  the  first  place.  Can  you  really 
do  this?  Mercury  Interactive  has  spent  13  years  helping  75%  of  the  Fortune  500  in  remarkable  ways.  Intrigued?  Then 
make  absolutely  sure  you  get  the  facts  on  how  our  new  Business  Technology  Optimization  software  and  services  can 
change  your  business  forever.  Sign  up  today  at  www.mercuryinterative.com/btoevents 
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TOWNMEETING 

Where  Technology  Leaders  Answer  To  You 

■  •• 

Join  us  in  a  city  near  you! 

September  25 

Chicago,  IL 

September  26 

Richardson,  TX 

October  2 

New  York,  NY 

October  3 

Washington,  DC 

October  8 

San  Diego,  CA 

October  9 

San  Jose,  CA 

This  FREE  one-day  Network  World  event  puts  the  pieces  together  and  shows 
you  how  to  reduce  costs  and  maximize  the  value  of  your  WAN  infrastructure! 


What  We'll  Cover 

■  The  latest  improvements  to  frame  relay  networks. 

■  How  new  features  of  IP-enabled  VPNs  help  you. 

■  Pros  and  cons  of  voice  over  IP  deployments. 

■  Improving  your  WAN  with  bandwidth 
enhancement  techniques. 

■  Quantifying  the  return  on  a  sound  WAN 
investment. 

■  Methods  for  securing  remote  access  systems. 


Learn  from  the  experts 

Dr.  Jim  Metzler,  founder  of  Ashton, 
Metzler  &  Associates,  and 
Sandra  Gittlen,  events  editor 
of  Network  World. 


Bonus  -  Attend  and  have  a  chance  to  win  a 
$200  American  Express  Gift  Cheque  for  the 
best  question  of  the  day. 


Register  online  today  at 

www.networkworld.com/events/wan/register.jsp  or  call 
1-800-643-4668.  Seating  is  limited  so  register  today! 

This  event  is  limited  to  qualified  IT  professionals  currently  involved  in  the  evaluation  and  purchase  of  WAN  products  and  services. 

Network  World  reserves  the  right  to  determine  the  total  audience  profile. 
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The  downside:  your  walk  through  the  parking  lot  was  long.  The  upside:  it  gave  you  time 
to  think  about  a  way  to  eliminate  the  high  cost  and  hassles  of  overnight  delivery. 

And  lo  and  behold,  you  found  it:  Canon  imageRUNNER™  technology.  It  lets  you  send  documents  anywhere,  in  any  form,  at  any  time, 
over  your  network  or  the  Internet.  Instantaneously.  Just  scan  a  document  into  the  imageRUNNER  and  send  it -to  desktops,  E-mail 
addresses,  fax  machines,  databases  and  file  servers.  All  of  which  results  in  lowered  costs  and  increased  productivity.  So,  take  pride. 
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SERVICES  AND  STRATEGIES 
FOR  TYING  TELEWORKERS  TO  THE  ENTERPRISE 


Teleworkers  drive  broadband  market 

New  report  shows  strong  demand  for  VPN,  Internet  telephony  and  data  back-up  services. 


■  BY  TONI  KISTNER 

At  last,  broadband  service  providers 
have  a  surefire  way  to  know  which  appli¬ 
cations  customers  will  pay  for:  Just  follow 


■Takes 


■  Positive  Networks  today  an¬ 
nounced  PositivePro  WebTop,  a 

Web-based  addition  to  its  remote  ac¬ 
cess  service.  PositivePro  creates  IP 
VPN  connections  between  the  corpo¬ 
rate  network  and  teleworker  sites, 
and  gives  administrators  the  ability  to 
control  the  security  and  remote  user 
environment  and  experience.  WebTop 
lets  teleworkers  access  corporate 
intranet  sites,  e-mail  and  files,  and  lets 
them  run  applications  and  access  and 
control  other  PCs,  such  as  their  work¬ 
stations,  from  remote  locations.  Pos¬ 
itivePro  costs  $15  to  $50  per  user,  per 
month,  www.positivenetworks.com 

■  The  rise  in  the  number  of  remote 
workers  is  spurring  demand  for 
broadband  services  by  large  compa¬ 
nies,  according  to  a  new  report  from 
Cahners  In-Stat/MDR  called 
“Pipe  filling:  The  applications  driving 
demand  for  broadband  in  the  main 
and  remote  offices."  While  continued 
growth  is  expected,  20%  of  enter¬ 
prise  customers  said  they  wouldn't 
choose  broadband  for  their  main 
office  locations. 

■  ExpertCity  last  week  announced 
Version  3.0  of  its  remote  access  ser¬ 
vice,  GoToMyPC  Corporate.  GoTo 
MyPC  allows  Web  access  to  comput¬ 
ers  using  Advanced  Encryption 
Standard  encryption;  the  new  version 
lets  administrators  create  distinct 
user  groups  and  assign  access  rights 
to  features,  such  as  file  transfer  and 
remote  printing.  Also  added  is  the 
ability  to  control  the  number  of  PCs 
each  user  can  access.  Pricing  is 
based  on  the  number  of  systems  reg¬ 
istered.  www.gotomypc.com 


the  teleworkers. 

Forthcoming  research  from  analyst  firm 
Parks  Associates  reveals  that  while  con¬ 
sumers  are  interested  in  a  variety  of  broad¬ 
band  services  —  everything  from  home 
networks  to  content  filtering  to  environ¬ 
mental  controls  —  that  doesn’t  mean 
they’re  ready  (or  willing)  to  pay  for  them. 

The  report,  “Broadband  access  @  home 
Ill,  a  survey  of  10,800  Internet  households,” 
won’t  be  released  until  Nov.  1,  but  Parks 
gave  Net. Worker  a  sneak  peek  of  the  results 
in  six  categories  we  selected:  Internet  back¬ 
up, VPN,  home  security  environmental  con¬ 
trols,  videoconferencing  (or  video  calling) 
and  Internet  telephony 

To  yield  richer  data,  Parks  broke  down  the 
respondents  by  teleworkers  and  nontele¬ 
workers,  and  then  cross-tabulated  the 
results.  For  the  purposes  of  this  report,  Parks 
considered  a  teleworker  someone  who 


works  at  home  at  least  eight  hours  per 
week  during  regular  business  hours,  con¬ 
necting  to  the  corporate  network.  (Home- 
based  business  owners  and  those  who  take 
work  home  after  hours  fell  into  the  con¬ 
sumer  group.) 

To  help  determine  respondents’  degree 
of  interest  in  services  vs.  their  willingness  to 
pay  for  them,  Parks  asked  them  to  rate  their 
interest  on  a  scale  from  1  to  7,  then  used  a 
proprietary  method  called  the  Relative 
Strength  Formula  to  translate  consumer 
interest  into  concrete,  discernible  con¬ 
sumer  action/purchasing  behavior,  says 
Michael  Greeson,  Parks’  senior  analyst  and 
director  of  broadband  research. 

“Using  this  formula,  we’ve  been  within  a 
margin  of  error  of  10%  for  three  years  on  all 
of  our  forecasts,”  he  says. 

While  the  report  is  targeted  mainly  to  soft¬ 
ware  vendors  and  broadband  service  pro¬ 


viders,  it  also  offers  insight  for  network 
executives  and  small  businesses  tasked 
with  helping  create  telework  policies  and 
providing  applications  to  remote  workers. 

In  particular,  the  results  for  data  backup 
and  VPN  indicate  that  firms  don’t  support 
their  remote  workers  as  well  as  they 
should.  Teleworkers  are  27.5%  more  likely 
to  buy  data  back-up  service  than  nontele¬ 
workers  and  19%  more  likely  to  buy  VPN 
services.  Nearly  30%  of  teleworkers  want  to 
subscribe  to  a  VPN  service;  24.6%  want  to 
subscribe  to  a  data  back-up  service.  Also 
significant,  24.8%  of  nonteleworkers  would 
buy  VPN  services,  a  group  likely  compris¬ 
ing  occasional  teleworkers  and  employees 
who  take  work  home  after  hours  and  want 
to  connect  to  the  corporate  network. 

As  important,  the  survey  proves  telework¬ 
ers  are  better  educated  than  nontelework- 
See  Teleworkers,  page  30 


Tiny  Software  security  program 
traps  telecommuters'  Trojans 


■  BY  EARL  GREER 

The  best  security  is  a  layered  defense. 
Companies  surround  themselves  with 
rings  of  firewalls,  intrusion  detectors  and 
content  filters,  and  yet  malicious  code 
occasionally  penetrates  and  assaults  their 

innermost 
hard  drives. 

Tiny  Trojan 
Trap  tackles 
this  last  possi¬ 
ble  breach  with  sandbox  technology  that 
places  users’  software  applications  into  pri¬ 
vate  sandboxes  where  they  can  play  but 
can’t  do  anything  destructive. 

In  our  tests.  Tiny  Trojan  Trap  protected 
files  residing  on  Windows-based  desktops, 
but  you  have  to  specify  its  boundaries  — 
what  it  should  protect  and  what  it  must 
leave  alone. 

Tiny  Trojan  Trap  is  a  stand-alone  appli¬ 
cation  that  can  be  installed  remotely  via, 
for  instance,  Microsoft’s  Systems  Man¬ 
agement  Server  or  Novell’s  ZENWorks,  to 
multiple  remote  desktops.  A  network 
professional  would  probably  tweak  the 
See  Tiny  Software,  page  30 
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Net  Results 


Tiny  Trojan  Trap  3.0.4 

Company:  Tiny  Software,  (408)  919-7360,  www.tinysoftware.com 
Cost:  $30  Pros:  Performs  security  lockdowns  of  a  very  broad 
range  of  desktop  computer  resources.  Cons:  Requires  an 
operating  system  expert  to  configure  all  settings. 


What's  the  score? 

Tiny  Trojan  Trap  3.0.4 

Administration  30% 

3 

Ease  of  use  25% 

3 

Features  25% 

5 

Installation  10% 

4 

Documentation  10% 

4 

TOTAL  SCORE 

3.7 

Individual  category  scores  are  based  on  a  scale  of  1  to  5.  Percentages  are  the  weight  given 
each  category  in  determining  the  total  score.  ■  Scoring  Key:  5:  Exceptional  showing  in  this 
category.  Defines  the  standard  of  excellence.  4:  Very  good  showing.  Although  there  may  be  room 
for  improvement,  this  product  was  much  better  than  the  average.  3:  Average  showing  in  this 
category.  Product  was  neither  especially  good  nor  exceptionally  bad.  2:  Below  average.  Lacked 
some  features  or  lower  performance  than  other  products  or  than  expected.  1:  Consistently  subpar, 
or  lacking  features  being  reviewed. 


3.7 

RATING 
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NetWorker 

www.nwfusion.com 

To  pay  or  not  to  pay? 


For  the  longest  time  we’ve  been  condi¬ 
tioned  to  ignore  telephone  pole  and 
supermarket  bulletin-board  postings 
that  offer  lucrative  work  at  home  opportu¬ 
nities.  Such  scams  are  easy  to  weed  out; 
unlike  real  jobs,  they  always  offer  great  pay 
for  no  work  and  ask  for  money  up  front  to 
give  you  the  details. 

The  scammers  have  made  it  difficult  for 
legitimate  telework  job  boards  to  gain  a 
foothold.  So  to  distance  themselves  as 
much  as  possible,  the  first  wave  of  telework- 
specific  job  sites  generate  revenue  not 
from  prospective  employees,  but  from  the 


employers  looking  to  hire. While  the  model 
does  protect  workers  from  scams,  it’s  failed 
to  prod  employers  to  offer  telework  jobs 
publicly,  so  their  effect  on  the  telework 
world  has  been  minimal.  Sure,  telework 
jobs  in  big  and  small  companies  are  out 
there,  but  until  now  it’s  been  difficult,  if  not 
impossible,  to  negotiate  for  one  up  front. 
Smart  prospects  often  don’t  even  mention 
the  idea  of  working  from  home  until  the 
firm’s  made  an  offer. 

Despite  the  bad  reputation  of  work-at- 
home  offerings,  a  new  job  site  called 
CareersFromHome  is  trying  to  jump-start 
the  telework-specific  job  site  market  by 
charging  prospective  employees,  not  em¬ 
ployers,  for  access  to  telework  job  leads. 
Launched  in  January  the  site’s  reception 
has  been  mixed.  Employers  love  it;  800-plus 
have  signed  up  so  far.  It’s  the  job  hunters, 
often  confused  and  skittish  about  paying 
anything,  who’ve  been  reluctant  to  join. 


The  site  is  the  brainchild  of  Denise  and 
Tony  Gauthier  Jr. ;  he  is  a  former  Web  mar¬ 
keting  exec, she, a  former  human  resources 
professional,  based  in  Atlanta.  In  2001, 
Denise  decided  to  work  from  home  to 
spend  more  time  with  the  couple’s  three 
school-aged  kids,  so  she  began  selling 
memberships  to  a  list  of  telework  jobs  she 
hand-culled  from  Internet  job  boards. 
When  demand  for  the  service  became  too 
great,  and  the  e-mail  method  became  too 
cumbersome,  the  Gauthiers  built  the 
CareersFromHome  site. 

Much  of  the  site  is  automated.  Job  candi¬ 
dates  use  the  resume  builder  to  format 
their  resumes  to  work  with  the  site’s  option¬ 
al  search  service,  and  employers  post  their 
jobs  directly  to  the  site.  While  the  site  is 
well-designed  and  professional,  Denise 
says  they  spend  a  lot  of  time  and  energy 
convincing  prospective  candidates  it’s  OK 
to  pay  for  services. 


“We’re  also  often  battling  unrealistic 
expectations,”  Denise  says.“We’re  educating 
job  seekers  to  what  telecommuting  really  is 
—  nothing  like  the  work  at  home  signs  you 
see  along  the  freeway  Even  so,  we  get  com¬ 
plaints  because  people  expect  to  find  a  job 
right  away” 

No  matter, the  Gauthiers  are  doing  a  lot  of 
things  right.  Recently  MediaMetrix  found 
that  CareersFromHome.com  jumped  from 
1 7th  to  seventh  of  the  most  visited  job-relat¬ 
ed  sites. 

The  service  costs  $9.95  per  month  or  $45 
per  year,  far  from  exorbitant.  For  no  cost, 
employers  can  post  a  job  description  and 
receive  resumes.  For  a  fee  of  $100  per 
month  or  $800  per  year,  employers  can 
search  the  resumes  posted  on  the  site. 

Kistner  is  the  managing  editor  of  the 
Net.  Worker  section.  She  can  be  reached  at 
tkistner@nww.  com. 


Teleworkers 

continued  from  page  29 

ers  in  the  need  for  secure  remote  con¬ 
nections  and  file  safety.  The  question  is, 
do  network  executives  want  their  tele¬ 
workers  contracting  with  consumer 
broadband  providers  for  corporate  ser¬ 
vices?  Probably  not. 

The  results  also  show  that  teleworkers 
will  be  the  early  adopters  of  connected 
home  technology  —  22.4%  of  teleworkers 
are  more  willing  than  nonteleworkers  to 
subscribe  to  an  environmental  monitoring 
service  and  22.9%  more  likely  to  subscribe 
to  a  home  security  service.  Nearly  one- 
quarter  of  teleworkers  (24.7%)  is  willing  to 
buy  home  security  services;  21.3%  would 
pay  for  environmental  monitoring. 

“Teleworkers  are  a  great  target  audience 
for  every  new  type  of  service,”  Greeson 
says.  “I  can  throw  a  dart  at  the  teleworker 
space  and  find  a  service  that’s  going  to 
have  a  lucrative  market.” 

The  gap  narrows  between  the  groups  in 
video  calling/conferencing  and  Internet 


telephony  (17.9%  and  14%,  respectively), 
which  implies  a  large  number  of  con¬ 
sumers,  not  just  teleworkers,  understand 
the  value  and  are  willing  to  pay  for  such 
services.  About  21%  of  teleworkers  would 
subscribe  to  such  a  service  —  that’s  a  20% 
difference  between  teleworkers  and  non¬ 
teleworkers. 

“People  understand  and  like  the  idea  of 
adding  video  to  a  traditional  phone  call,” 
Greeson  says.“It  makes  sense  to  them.” 

Smaller  companies  might  welcome  the 
thought  of  remote  workers  subscribing  to 
corporate  services  from  their  service 
providers,  but  larger  companies  would  find 
themselves  supporting  an  ever-more-com¬ 
plicated  remote  workforce  using  a  hybrid 
and  inconsistent  mix  of  company  and  per¬ 
sonal  services. 

If  the  majority  of  teleworkers  already  pay 
for  their  broadband  connections,  would 
the  company  also  expect  them  to  pay  for 
VPN  and  data  back-up  services?  Ideally 
the  company  should  pay  for  everything 
the  teleworker  needs  to  do  his  job. 

Parks:  www.parksassociates.com 


Leaders  of  the  pack 

A  greater  percentage  of  teleworkers  than  traditional  consumers  are 
willing  to  pay  for  broadband  services,  according  to  forthcoming  Parks 
Associates  research.  The  chart  shows  the  percentage  difference 
between  them  in  six  areas. 
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Tiny  Software 

continued  from  page  29 

settings  on  each  desktop  to  get  it  set  up 
properly 

It  was  easy  to  install,  placing  almost  all 
our  existing  applications  in  an  unrestrict¬ 
ed  group,  making  the  assumption  that 
they  had  no  dangerous  aspects.  (See  How 
we  did  it, right). 

The  software  then  blocked  our  attempts 
to  download  a  harmless  PDF  file  contain¬ 
ing  the  manual  because  the  install  pro¬ 
gram  had  placed  Internet  Explorer  into  an 
application  group  with  restricted  rights.  We 
could  read  and  print  the  file  with  Acrobat 
Reader  because  Acrobat  was  placed  in  the 
unrestricted  application  group. 

We  would  have  preferred  an  installation 
option  that  let  us  start  with  low,  medium  or 
high  security  options  for  our  applications. 

The  Administration  Tool  used  after 
installation  has  an  easy  mode  setting  that 
lets  you  adjust  simple  slide  bars  to  the 
level  of  security  desired  for  each  applica¬ 
tion  group. There  is  also  a  helpful  list  of  all 
the  application  groups,  and  moving  appli¬ 
cations  between  groups  is  simply  drag 
and  drop. 

The  advanced  mode  has  a  two-pane  win¬ 
dow  resembling  Windows  Explorer  to 
match  application  groups  to  individual  sys¬ 
tem  components.  Each  application  group 
gets  access  privileges  specified  for  each 
system  component.  For  example,  you  can 
specify  that  all  the  applications  in  a  partic¬ 
ular  group  can  have  limited  access  to  indi¬ 
vidual  services,  hardware  devices  and  even 
specific  subdirectories  of  files. 

Advanced  mode  also  lets  you  add  con¬ 
tent  filtering  for  Web  access  and  outgoing 
e-mail.  Trojan  Trap  does  not  provide  a 
blacklist  of  Web  sites  or  a  list  of  suggested 
words  to  block  outgoing  e-mail. 

There  are  some  handy  tools  for  han¬ 
dling  cache  and  cookies.  We  set  an 
option  to  delete  all  cookies  after  each 
session  and  edited  the  list  of  Web  sites  we 
visited,  an  automatic  way  to  clean  up 


How  we  did  it 


We  tested  Tiny  Trojan  Trap 
Version  3.0.4  primarily  on  a 
Dell  OptiPlex  GxllO,  667 
MHz  running  Windows  2000  Pro¬ 
fessional  and  also  on  a  Compaq 
Presario  5000  1.2  GHz,  running 
Windows  XP  Home  Edition.  We  ran 
a  batch  file  to  delete  several  sys¬ 
tem  files.  We  used  a  disk  editor  to 
manipulate  the  boot  records  on  our 
hard  drive.  We  sent  an  e-mail  mes¬ 
sage  using  Microsoft's  Outlook 
Express  to  test  the  e-mail  filtering. 


your  browser’s  cache. 

When  we  tested  the  product  on  a  multi¬ 
user  computer,  we  were  disappointed  that 
each  user  cannot  have  his  own  Trojan 
Trap  settings.  We  appreciated  the  pass¬ 
word  feature  that  prevents  tampering  with 
the  settings. 

Trojan  Trap  lets  you  adjust  security 
downward  to  allow  better  computer  per¬ 
formance.  But  on  our  1.2-GHz  Windows 
XP  computer  there  was  no  noticeable  per¬ 
formance  hit  at  all  at  its  highest  setting. 

Trojan  Trap  comes  with  the  ability  to 
launch  antivirus  scans  and  to  automati¬ 
cally  scan  CAB  files  before  they  are 
installed.  However,  it  couldn’t  identify 
Norton  AntiVirus  2002. 

Reporting  in  Trojan  Trap  is  limited.  We 
would  have  liked  to  have  at  least  printed 
out  some  of  the  information  in  the  Activity 
windows  and  sorted  columns  of  data  by 
clicking  on  their  headers. 

Overall,  we  would  recommend  Tiny 
Trojan  Trap  as  an  added  layer  of  security 
to  expert  users  and  to  average  users  who 
have  the  patience  to  adjust  its  settings. 

Greer  is  a  senior  network  analyst  at  a  large 
Texas  state  agency.  He  can  be  reached  at 
Earl.  Greerfsklhs.  state,  tx.  us. 
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WHERE  THE  CIO  SEES 


STREAMS  OF  WIRELESS  DATA, 


THE  CFO  SEES 


A  RISE  IN  PRODUCTIVITY 
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Let’s  face  it.  What’s  important  about  wireless  data  is  what  you  do  with  it.  So,  when  Werner  Enterprises  needed 


access  to  critical  business  data  for  their  6,700  person  mobile  workforce,  QUALCOMM  delivered.  (Jttf  wireless 
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technology  allowed  them  to  track  customer  order  status,  process  claims,  conduct  electronic  funds  transfers,  and 
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check  payroll  information.  So,  now  when  CIOs  brag  about  their  powerful  new  technology,  CFOs  can  actually 


get  excited,  too.  To  learn  how  mobile  data  can  help  your  company  prosper,  visit  www.qualcomm.com/enterprise. 
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and  Intel  Xeon  Processors, 
there's  one  for  every  kind  of  business 

From  "kind  of  start  up"  to  "kind  of  FORTUNE  500.®" 


No  matter  the  size  of  your  company,  we've  got  a  server  that  fits.  Dell  PowerEdge  servers  with  Microsoft"  Windows®  2000  Server  operating  system  and  Intel  ‘  Xeon” 
Processors  grow  with  your  business,  minimize  downtime,  are  easy  to  integrate  and  even  easier  to  support.  No  matter  what  your  business  needs  -  from  file/print  to 
database  management  -  you  can  choose  the  server  with  Microsoft®  Windows®  2000  Server  operating  system  and  Intel®  Xeon”  Processors  that  is  right  for  you.  And,  by 
dealing  direct  with  Dell,  you  get  a  system  customized  to  fit  your  business  needs,  at  an  affordable  price,  backed  by  our  award-winning  service  and  support.  It’s  a  nice  mix 
of  exactly  the  server  you  need  with  exactly  the  operating  system  and  processors  you  want. 


60  DAYS 


same-as-cash 

for  qualified  customers10 


Dell  Rated  #1  in  Intel-Based  Server  Satisfaction 

Technology  Business  Research 
Corporate  IT  Buying  Behavior  and  Customer  Satisfaction  Study 

1st  Quarter  2002 
-June  2002 


Dell  |  Small  Business 


PowerEdge™  600SC  Server 

NEW  Basic  Server  with  Performance  Features 

•  Intel* *  Pentium*  4  Processor  at  2GHz 

•  128MB  133MHz  DDR  SDRAM  (up  to  2GB) 

•20GB5  (7200  RPM)  IDE  Hard  Drive 

•  Upgradeable  to  18GB  SCSI  Performance  Hard  Drive 

•  Optional  PV100T  Tape  Back-Up 

•  Embedded  Intel*  Pro  Gigabit*  NIC 

•  Six  PCI-X  Performance  Expandability  Slots 

•  1-Yr  24x7  Technical  Phone  Support 

•  1-Yr  Next  Business  Day  On-Site  Service5 

£  as  low  as  $25/mo.,  (46  pmts*)  60  Days 

^  Same-As-Cash  for  qualified  customers 

WWW  E-VALUE  Code:  12995-S20908 


Recommended  upgrades: 

•  Network  Custom-Install  Survey,  add  $199 

•  3-Yr  Next  Business  Day  On-Site  Service,3  add  $199 

•  System  Including  Windows*  2000  Server,  only  $1699 


PowerEdge™  2600  Server 

NEW  High  Performance  and  Availability  Tower 

•  Intel*  Xeon"  Processor  at  2GHz 

•  Dual  Processor  Capable 

•  128MB  200MHz  ECC  DDR  SDRAM  (up  to  6GB) 

•  18GB5  (1  OK  RPM)  Hot-Swap  Ultra320  SCSI  Hard  Drive 

•  Upgradeable  to  584GB  of  Internal  Hard  Drive  Storage 

•  Dual  Embedded  Gigabit”  NICs 

•  Active  ID  Front  Bezel  for  Monitoring  System  Health 

•  Hot-Swap,  Redundant  Cooling  Fans 

•  3-Yr  Next  Business  Day  On-Site  Service3 

£  as  low  as  $57/mo.,  (46  pmts”)  60  Days 

^  viwj  Same-As-Cash  for  qualified  customers 

■  WWW  E-VALUE  Code:  12995-S20919 


Recommended  upgrades: 

•  Hot-Swap  Redundant  Power  Supply,  add  $249 

•  Embedded  Dual-Channel  RAID,  add  $299 

•  System  Including  Windows*  2000  Server,  only  $2799 


PowerEdge™  2650  Server 

NEW  2U  Rack-Optimized  Performance  and  Scalability 

•  Intel*  Xeon”  Processor  at  2GHz 

•  Dual  Processor  Capable 

•  256MB  200MHz  ECC  DDR  SDRAM  (up  to  6GB] 

•  18GB5  (10K  RPM)  Ultral  60  SCSI  Hard  Drive 

•  Upgradeable  to  365GB  of  SCSI  Hard  Drive  Capacity 

•  Dual  Embedded  Gigabit”  NICs 

•  Dual-Channel  Integrated  Ultra160  SCSI  Controllers 

•  Active  ID  Front  Bezel  for  Monitoring  System  Health 

•  Optional  Embedded  Dual-Channel  RAID 

•  Optional  Redundant  Power  Supplies 

•  3-Yr  Next  Business  Day  On-Site  Service3 

£  ^  ^  as  low  as  $62/mo.,  (46  pmts3")  60  Days 

^  M  Ivlvl  Same-As-Cash  for  qualified  customers 

L  IvJ  E-VALUE  Code:  12995-S20921 


Recommended  upgrade: 

•  System  Including  Windows*  2000  Server,  only  $2999 


PowerVault™  PV715N  Storage 

Network  (NAS)  Backup  and  File  Sharing  Storage 

•  Offloads  Storage  Load  from  Desktops  and  Servers 

•  Snap  Shot  Capability  for  Protecting  Stored  Data 

•  No  Charge  on  Operating  System  License  up  to  250  Users 

•  Intel®  Celeron®  Processor  at  850MHz 

•  384MB  SDRAM  (up  to  512MB) 

•  160GB5  IDE  Hard  Drive  Capacity  (up  to  480GB) 

•  Dual  10/100  Ethernet  Ports 

•  Multi-Platform  Support  of  PC,  Unix,  Apple,  and  Novell 

•  Microsoft®  Windows®  Powered  Operating  System 

•  3-Yr  Next  Business  Day  On-Site  Service3 

•  Price  Includes  $100  Small  Business  Discount 

as  low  as  $48/mo„  (46  prats”)  60  Days 
^  |  r\ilil  Same-As-Cash  for  qualified  customers 

■  WWW  E-VALUE  Code:  12995-S20916n 


Recommended  upgrade: 
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Optical  Networking 


® 


Solutions  for  the  Enterprise 


OPTICAL  NETWORKING  has 

emerged  as  the  foundation  for  cam¬ 
pus,  metro  and  wide-area  networking 
with  the  ability  to  integrate  voice, 
video,  data  and  storage  over  a  single 
network.  Multiservice  networking  — 
through  Synchronous  Optical 
Networking/Synchronous  Digital 
Hierarchy  (SONET/SDH)  and 
Wavelength  Division  Multiplexing 
(WDM)  —  provides  increased  band¬ 
width  and  performance  while  facili¬ 
tating  data  center,  application  server, 
storage  and  network  infrastructure 
consolidation  to  optimize  resources 
and  reduce  costs.  In  addition,  optical 
networking  supports  storage-area 
networking  (SAN)  and  IP-based  net¬ 
work-attached  storage  (NAS)  solu¬ 
tions  to  effectively  access,  manage, 
and  protect  corporate  data,  and  to 
provide  the  foundation  for  business 
resilience  applications.  Optical 
Ethernet  provides  a  powerful  dynam¬ 
ic,  high-speed  Gigabit  Ethernet  and 
io-Gigabit  Ethernet  for  high-capaci¬ 
ty,  high-performance  applications. 


Cisco  Systems  is  an  industry  leader 
in  next-generation  optical  network¬ 
ing.  The  Cisco  Complete  Optical 
Multiservice  Edge  and  Transport 
(COMET)  product  portfolio  inte- 


Cisco  COMET  provides  the  optical  today’s  networking  challenges  while 
foundation  for  Cisco  AWID  providing  the  network  capacity,  per- 

(Architecture  for  Voice,  Video  and  formance,  and  resilience  necessary  to 
Integrated  Data)  and  leverages  Cisco  meet  future  business  application 
expertise  in  IP,  data  networking,  requirements. 
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Enable  and  Enhance  Application 
Performance 

Capacity,  performance,  and  availabil¬ 
ity  problems  can  stifle  company 
growth,  reduce  business  productivity, 
and  result  in  user  dissatisfaction.  A 
Cisco  COMET  network  provides  vir¬ 
tually  boundless  capacity  and  per¬ 
formance,  is  easily  scalable  for  traffic 
growth — from  Tl/El  and  Ethernet  to 
OC-192/STM-64  and  10-Gigabit 
Ethernet — with  aggregate  throughput 
to  320  Gbps.  In  addition,  Cisco 
COMET  provides  both  the  low 
latency  and  low  jitter  necessary  for 
demanding  VoIP,  video,  and  collabo¬ 
ration  applications. 

Extend  and  Integrate  Your 
Current  Cisco  Network 

As  the  largest  and  most  experienced 
provider  of  enterprise  networks  in 
the  world,  Cisco  has  the  ability  to 
deliver  complete  network  solutions— 
both  today  and  in  the  future.  Cisco 
COMET  extends  an  existing  Cisco 
network  infrastructure  to  deliver  any 
application  or  service — such  as  IP, 
storage,  Ethernet,  time-division  mul¬ 
tiplexing  (TDM),  or  ATM — over  a 
single,  end-to-end,  optical  network. 

Optical  transport  products,  such  as 
the  Cisco  ONS  15530,  15540, 

15200,  and  15454,  provide  transport 
for  applications  delivered  through  the 
Cisco  Catalyst®  6500  Series 
Ethernet  switches,  the  Cisco  7600 
Series  Internet  Routers,  and  the 
Cisco  12000  Series  Internet  Routers. 
This  ensures  that  service  levels  creat¬ 
ed  at  the  network  edge  (such  as  with 
VoIP  services)  are  maintained 
throughout  the  optical  core. 

In  addition,  management  of  the 
Cisco  COMET  network  is  provided 
by  a  single,  integrated  client/server 
software  application — the  Cisco 
Transport  Manager — which  gives  net¬ 
work  managers  visibility  across  the 
entire  network. 


Satisfy  Current  and  Future 
Application  Requirements 

Cisco  COMET  provides  a  broad 
portfolio  of  optical  networking  capa¬ 
bilities  to  meet  today’s  demanding 


application  requirements,  while  pro¬ 
viding  the  foundation  for  the  band¬ 
width-hungry,  performance-demand¬ 
ing  applications  of  tomorrow.  The 
breadth  of  available  Cisco  technology 
ranges  from  high-performance  multi¬ 
service  networking  with 
SONET/SDH  and  DWDM,  to  IP- 
optimized  transport  through  Gigabit 
Ethernet  and  10-Gigabit  Ethernet  to 
Resilient  Packet  Ring/Dynamic 
Packet  Transport  (RPR/DPT).  The 
Cisco  portfolio  also  includes  applica¬ 
tion-optimized  solutions  such  as 
Fibre  Channel,  Enterprise  System 
Connection  (ESCON),  Fiber 
Connectivity  (FICON),  Small 
Computer  Systems  Interface  over  IP 
(iSCSI),  and  Fibre  Channel  over  IP 
(FCIP)  for  storage  networking. 

Cisco  has  quickly  become  the  opti¬ 
cal  networking  leader  in  the  integra¬ 
tion  of  voice,  video,  data  and  storage 
networking.  Cisco  is  leveraging  its 
expertise  in  IP,  data  networking,  and 
pioneering  efforts  in  maturing  VoIP, 
while  bringing  storage  networking 
and  optical  networking  to  the  enter¬ 
prise.  Cisco  is  committed  to  main¬ 
taining  its  leadership  position 
through  ongoing  technology  develop¬ 
ments  that  are  moving  rapidly  from 


the  innovation  to  deployment  phases 
(Figure  2).  These  technology 
advances  will  protect  and  support 
enterprise  network  investments  well 
into  the  future. 


Enable  Resilience 
Throughout  the  Network 

Cisco  COMET  enables  enterprises 
to  deploy  networks  with  the  perform¬ 
ance  and  resilience  necessary  for 
today’s  critical  business  services.  Cisco 
COMET  provides  industry-leading 
system-level  and  network-level  redun¬ 
dancy  and  reliability  options,  with 
protection  at  both  the  electrical  and 
optical  layers.  Cisco  COMET  offers 
no  single  point  of  failure  per  system, 
optical  layer  protection  with  failover 
time  of  less  than  50  milliseconds  (for 
optical  layer  or  SONET/SDH);  and 
higher  layer  routing  or  switching, 
which  provides  the  foundation  for 
nonstop  application  networking. 
Predictable  and  measurable  optical 
and  digital  performance  provides  the 
quality  of  service  (QoS)  necessary  for 
policy-based  networking. 

Increase  Network 
Productivity  and  Lower 
Total  Cost  of  Ownership 

Cisco  COMET  provides  tremendous 
network  flexibility  through  multiple 
technologies  optimized  to  specific 
application  requirements.  The  systems 
are  designed  for  rapid  bandwidth  pro¬ 
visioning  and  fast  deployment  of  new 
applications.  Cisco  COMET  makes 


Figure  2:  Cisco  COMET  Optical  Technology  Leadership 
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network  growth  easy,  allowing  for  min¬ 
imum  disruption  to  existing  services, 
either  through  optical  integration  with 
existing  routers  or  switches,  high- 
capacity  SONET/SDH  switches,  or 
complete  DWDM  systems  with  pro¬ 
tocol  and  bit-rate  transparent  optical 
wavelengths.  Through  network  flexi¬ 
bility,  rapid  deployment,  maximized 
performance,  and  scalable  manage¬ 
ment,  Cisco  COMET  provides  a 
lower  total  cost  of  ownership. 

Cisco  COMET  Optical 
Networking  Solutions 

Cisco  COMET  enables  many  enter¬ 
prise  networking  solutions,  including 
network  consolidation  of  data,  voice, 
video,  and  storage;  storage  networking 
and  business  continuance;  and  optical 
Ethernet. 

Network  Consolidation  and 
Multiservice  Networking 

Consolidating  data  centers,  applica¬ 
tion  servers,  storage,  and  network 
infrastructure  helps  to  optimize  exist¬ 
ing  IT  resources  by  providing  consis¬ 
tent  application  and  data  access  to  all 
users  and  reducing  overall  support 
costs.  Consolidating  corporate 
Internet  and  intranet  applications  also 
provides  a  unified  company  presence 
to  customers  and  partners.  Cisco 
COMET  facilitates  network  consoli¬ 
dation  through  SONET/SDH,  Coarse 
Wavelength  Division  Multiplexing 
(CWDM)  and  DWDM  multiservice 
networking  capabilities. 

Storage  Networking  and 
Business  Continuance 

Storage  networking  provides  IT 
managers  with  a  cost-effective  way  to 
access,  manage,  and  protect  corpo¬ 
rate  data.  Cisco  COMET  supports 
both  SAN,  with  ESCON,  FICON, 
and  Fibre  Channel  connectivity,  and 
IP-based  NAS  solutions.  Storage  net¬ 
working  improves  data  access,  simpli¬ 
fies  growth,  streamlines  administra¬ 
tion,  improves  data  availability  and 
integrity,  and  reduces  cost  of  owner¬ 


ship  through  storage  consolidation. 
Storage  networking  also  provides  the 
foundation  for  business  continuance 
applications,  interconnecting  data 
centers  through  a  high-capacity  opti¬ 
cal  network. 

Optical  Ethernet  and  IP 
Optimization 

Optical  Ethernet  is  a  powerful  tool 
for  an  enterprise  network,  because  it 
allows  Ethernet  to  be  carried  over  a 
metropolitan  area. 


The  Cisco  COMET  Optical 
Portfolio 

Cisco  COMET  provides  complete 
optical  solutions — from  high-capaci¬ 
ty,  high-performance  DWDM  sys¬ 
tems  and  SONET/SDH  switches  to 
optical  integration  with  existing 
routers  or  switches.  This  diverse 
product  portfolio  meets  a  broad 
range  of  enterprise  goals  (Figure  3). 

Campus,  metro,  and  regional 
DWDM  solutions  provide  an  optical 
foundation  for  the  consolidation  of 


Figure  3 

Cisco  COMET:  The  Optical  Foundation  for  Cisco  AVV1D 
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Cisco  COMET  supports  Gigabit 
and  10-  Gigabit  Ethernet  connections 
for  very  fast  and  efficient  transport  of 
IP  traffic,  eliminating  the  need  for 
traditional  protocol  conversion  and 
rate  adaptation  associated  with  tradi¬ 
tional  carrier  wide-area  networking 
services.  RPR/DPT  and  Packet  over 
SONET  (POS)  can  provide  an  effec¬ 
tive  means  of  transporting  IP  traffic 
over  a  metro  or  wide-area  network, 
offering  enterprises  the  flexibility  to 
consolidate  applications  over  private 
or  public  backbones.  Cisco  COMET 
supports  optical  Ethernet  and  IP 
optimization  over  SONET/SDH, 
CWDM,  and  DWDM,  and  through 
the  integration  of  optical  technology 
into  IP  switches  and  routers. 


data,  voice,  and  video,  as  well  as  stor¬ 
age  traffic  over  a  resilient,  high- 
capacity,  high-performance  optical 
network.  The  systems  are  highly  scal¬ 
able,  to  a  maximum  of  32  wave¬ 
lengths  per  fiber  pair.  With  transmis¬ 
sion  speeds  of  up  to  10  Gbps  per 
wavelength,  these  systems  can  trans¬ 
port  an  aggregate  capacity  of  320 
Gbps.  Scalable  optical  add/drop  mul¬ 
tiplexing  (OADM)  capabilities  sup¬ 
port  point-to-point,  ring,  and  meshed 
topologies,  providing  optimized  net¬ 
work  design  for  campus  and  building 
interconnection.  Topology  flexibility 
helps  minimize  the  amount  of  fiber 
required  for  network  connectivity, 
while  simultaneously  maximizing  the 
redundancy  and  restoration  capabili¬ 
ties  for  failure  recovery. 
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The  systems  support  protocol  and 
bit-rate-independent  traffic  from  16 
Mbps  to  2.5  Gbps,  and  are  capable  of 
transporting  large  quantities  of  high¬ 
speed  traffic  such  as  SONET/SDH, 
ESCON,  FICON,  Fibre  Channel,  and 
Gigabit  Ethernet.  Multiport  aggrega¬ 
tion  modules  further  maximize  net¬ 
work  capacity  by  multiplexing  multi¬ 
ple  circuits  onto  a  single  wavelength. 
For  example,  up  to  40  ESCON  chan¬ 
nels  can  be  transmitted  over  a  single 
wavelength,  providing  data-center 
connectivity  for  storage  or  disaster 
recovery  applications.  Demanding  IP 
data  or  streaming  media  applications 
can  be  supported  using  10 -Gigabit 
Ethernet  or  OC-192/STM-64. 

Optical  amplifiers,  dispersion  com¬ 
pensation  units,  and  performance 
monitoring  units  are  available  to 
extend  network  connectivity  across 
large  regional  areas,  while  ensuring 
that  the  network  operates  at  peak 
performance. 

For  bandwidth-intensive  metro 
interconnect  and  long-haul  applica¬ 
tions,  DWDM  transport  systems  are 
available  today  that  offer  80  channels 
at  up  to  10-Gbps  transmission  rates, 
scaling  to  more  than  320  channels 
and  40-Gbps  transmission  rates  in 
the  future. 


COMET  DWDM  solutions  are 
designed  to  future  proof  the  enter¬ 
prise  network,  providing  tremendous 
flexibility  and  scalability  while  mini¬ 
mizing  costs  and  maximizing  the 
transmission  capacity  over  owned  or 
leased  fiber. 

SONET/SDH  multiservice  provi¬ 
sioning  platforms  (MSPPs)  combine 
the  capacity  of  optical  transport  with 
the  intelligence  of  IP  to  cost-effective¬ 
ly  deliver  next-generation  voice  and 
data  services.  These  systems  provide 
multiservice  transport  over  a  flexible, 
high-capacity  SONET/SDH  back¬ 
bone.  SONET/SDH  add-drop  multi¬ 
plexing  (ADM)  and  digital  cross-con¬ 
nect  capabilities  provide  traffic  aggre¬ 
gation  from  T1/E1  to  OC-192/STM- 
64,  along  with  data  interfaces  such  as 
10/100-Mbps  Ethernet  and  Gigabit 
Ethernet.  Next-generation 
SONET/SDH  provides  a  cost-effec¬ 
tive  means  of  consolidating  new,  high- 
bandwidth  applications — such  as 
Gigabit  Ethernet — with  traditional 
low-speed  voice,  TDM  data,  and 
Ethernet  applications. 

Cisco  has  also  integrated  optical 
networking  capabilities  into  existing 
router  and  switch  products.  In  addi¬ 
tion  to  a  wide  range  of  optical  inter¬ 
faces,  such  as  SONET/SDH,  Gigabit 
Ethernet,  and  10-  Gigabit  Ethernet 


on  routers  and  switches,  a  CWDM 
Gigabit  Interface  Converter  (GBIC) 
supports  up  to  eight  wavelengths 
over  a  single  fiber  pair.  The  CWDM 
solution  supports  OADM  capabilities 
for  building  ring  or  hub-and-spoke 
networks.  With  each  wavelength 
capable  of  carrying  a  Gigabit 
Ethernet  channel,  CWDM  dramati¬ 
cally  increases  the  traffic-carrying 
capacity  of  an  existing  switch  or 
router.  The  Cisco  CWDM  GBIC 
solution  provides  an  easy  and  cost- 
effective  way  to  deploy  Gigabit 
Ethernet  in  campus,  data-center,  and 
metropolitan-area  access  networks. 

Optical  transport  is  also  provided 
on  other  products,  such  as  storage 
routers,  providing  iSCSI,  IP,  and 
Fibre  Channel  networking. 
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optical  networking  solutions,  visit: 
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BA,  BMC  push  portals  for  management 


BY  DENISE  DUBIE  AND  ELLEN  MESSMER 

New  Web-based  management  console 
)ftware  from  Computer  Associates  and 
MC  Software  marks  a  move  away  from 
Dmplicated  command-line  interfaces  that 
2twork  executives  and  administrators  tra- 
itionally  have  used  to  pore  through  sys- 
m  logs  to  track  network  performance 
id  events. 

CAs  eTrust  Security  Command  Center, 
hich  oversees  network  security  devices 


and  software,  and  BMC’s  Patrol  Perceive, 
which  is  focused  on  performance  manage¬ 
ment,  are  designed  to  aggregate  data  on 
command  and  present  it  for  analyzation. 

“Todays  portals  are  mostly  about  access¬ 
ing  and  viewing  data,” says  Rich  Ptak,  presi¬ 
dent  of  Ptak  Associates,  a  consulting  firm 
that  tracks  the  network  management  mar¬ 
ket.  “In  the  next  few  years,  maybe  sooner, 
these  Web  interfaces  will  let  multiple  users 
—  from  the  systems  administrator  to  the 
CIO  —  manipulate  data  and  exercise  con¬ 


trol  across  networks.” 

Ptak  says  he  expects  to  see  similar 
announcements  from  competitors  such  as 
Hewlett-Packard  and  IBM  Tivoli. 

CA  said  last  week  that  eTrust  Security 
Command  Center  will  be  part  of  an 
expanded  network  security  product  line 
rolling  out  later  this  year.  Russ  Artzt,  CAs 
executive  vice  president  and  eTrust  brand 
unit  executive,  said  Command  Center  “will 
bring  all  of  security  together,  unifying  VPN, 
access  control  and  threat  management.” 


Command  Center  will  support  CA  secu¬ 
rity  tools  —  including  a  new  line  of  provi¬ 
sioning  and  access-control  software  pack¬ 
ages  —  and  Check  Point  Software  fire¬ 
walls.  CA  is  offering  a  software  develop¬ 
ment  kit  as  part  of  a  plan  to  enable 
Command  Center  to  work  with  other  ven¬ 
dors’  security  products. 

Sharon  O’Bryan,  chief  security  officer  at 
bank  ABN  AMRO’s  corporate  and  con¬ 
sumer  clients  division,  says  she  expects  to 
See  Management,  page  38 


Software  adds  oomph  to  Lotus  apps 

Stampede  picks  up  where  it  left  off  with  remote  user  software. 


■  IBM  last  week  unveiled  a  software 
development  kit  for  IT  managers 
looking  to  simplify  the  deployment 
and  management  of  PCs  across  their 
networks.  ImageUltra  Builder 
locates  and  centralizes  the  software 
images  stored  on  networked  PCs. 
These  images  are  composites  of 
important  software  stored  on  a 
user's  hard  drive,  such  as  the  operat¬ 
ing  system,  crucial  applications  and 
databases.  After  developing  and 
deploying  a  custom  image  across  its 
network,  a  company  can  automate 
software  application  installation  and 
more  quickly  and  easily  install  new 
operating  systems,  IBM  says.  The 
software  currently  works  only  with 
IBM  hardware,  but  IBM  is  working  on 
a  version  that  will  work  with  other 
hardware  by  year-end.  ImageUltra 
Builder  1.0  costs  $1,500  for  100 
licenses. 

■  Trend  Micro  last  week  announced 
InterScan  WebProtect  for  ICAP, 

Windows  NT  4.0  server-based  soft¬ 
ware  designed  to  accelerate  virus 
scanning  by  communicating  with 
caching  appliances  from  vendors 
such  as  Blue  Coat  Systems  and 
Network  Appliance.  The  software 
works  with  caching  appliances  that 
support  the  Internet  Content  Adapt¬ 
ation  Protocol,  which  was  devised  for 
sharing  information  across  vendor 
equipment.  A  100-user  license  costs 
$1,360.  www.trendmicro.com 


■  BY  JOHN  FONTANA 

DAYTON, OHIO  —  Stampede  Technologies,  which  offers  software 
for  making  Lotus  Domino  work  better  for  remote  users,  is  now 
turning  its  attention  to  local  users  with  a  client/server  package  that 
boasts  new  traffic  control,  storage  and  management  features  that 
work  over  LANs. 

The  company’s  Enterprise  Edition  of  TurboGold  features  tech¬ 
nology  to  make  HTML-based  traffic  faster  by  as  much  as  65%  and 
compression  technology  that  optimizes  storage  capacity  by  near¬ 
ly  85%,  according  to  company  officials.  Stampede  says  new  sup¬ 
port  for  multicast  improves  efficiencies  of  broadcast  updates  to 
Domino  server  databases  by  as  much  as  85%.  A  new  management 
console  promises  administrators  control  from  a  single  location. 

“What  companies  want  today  is  to  get  more  [return  on  invest¬ 
ment]  out  of  their  systems  and  to  get  more  productivity  out  of 
users,” says  Dana  Gardner, an  analyst  with  Aberdeen  Group.  He  says 
Stampede’s  technology  lets  companies  move  data  more  inexpen¬ 
sively  and  efficiently,  and  loosen  storage-limit  constraints  on  users. 
Stampede  also  is  poised  to  move  beyond  Domino  in  future 
releases  to  include  XML  data,  which  can  be  bandwidth-intensive. 

“Stampede  seems  ready  to  move  upstream  to  providing  acceler¬ 
ation  for  that  data,”  Gardner  says. 

Stampede’s  Enterprise  Edition  Web  acceleration  focuses  on 
Domino  server  applications,  Lotus’s  Web-based  e-mail  and 
QuickPlace,  its  Web-based  team  collaboration  application. 

The  new  compression  technology,  AutoZip,  automatically  zips 
attachments  stored  on  the  Domino  server.  This  lets  companies 
add  storage  capacity  without  upgrading  software  or  hardware. 
Attachments  are  unzipped  automatically  when  sent  between 
users  of  Notes  clients  with  TurboGold  software  installed. 
Recipients  without  TurboGold  must  unzip  attachments  manually. 
The  company  also  offers  a  stand-alone  AutoZip  Server  Utility  that 
can  be  used  to  zip  existing  attachments  on  a  Domino  server. 

The  Enterprise  Edition’s  Multicator  feature  plugs  into  an  IP  net¬ 
work’s  multicast  features  and  broadcasts  updates  from  Domino 
databases. 

“Updates  are  sent  individually  to  each  user.  Now  you  can  do  that 
through  multicast, ’’says Tom  Yohe,  vice  president  of  engineering  for 


Policy  manager 


Stampede’s  TurboGold  Enterprise  Edition  includes  a 
policy  manager  for  tuning  the  acceleration  and 
storage  features  of  the  software  for  Lotus  Domino. 
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TurboGold  Database  Policy  Definition 
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Lookup  Dotobose  Replico  ID  | 


Dolobose  title 


Replica  ID 


Policy  applies  to  ihn  server  only 


Users  define  a  database  that 
they  want  to  set  policies  on 
using  Stampede's  acceleration 
software. 


Policy  Options 


[Acceleration  Service 
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Users  can  enable  or  disable 
policies  or  let  a  database  inherit 
policies  from  a  master  or 
authoritative  database. 


Stampede.  “And  we  use 

Domino  replication  to  ensure  that  the  update  is  delivered." 

Stampede  also  has  added  traffic-shaping  capabilities  that  plug 
into  network-based  traffic-shaping  engines,  such  as  those  from 
Packeteer,  which  has  formed  an  alliance  with  Stampede.  Users 
can  attach  quality-of-service  levels  to  Domino  server  applica¬ 
tions,  databases  and  email  along  with  assigning  that  traffic  to 
specific  ports. 

Finally,  Enterprise  Edition  comes  with  a  policy  manageme'  ' 
engine  that  lets  users  set  priorities  on  all  the  new  features. 

TurboGold  supports  Lotus  Domino  4.51  and  above.  The  die. 
runs  on  all  Win32  platforms,  and  the  server  runs  on  Windows  \  ■ 
2000  and  XP;and  IBM’s  iSeries.  pSeries  and  zSeries  platforms. 

Client  licenses  start  at  $63,  and  server  licenses  start  at  $1,06 '> 

Stampede:  www.stampede.com 
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HandsFree  gets  fingers 
into  asset  management 


Entercept  tries 
to  save  SQL  Server 

Software  designed  to  stymie  SQL  injections. 


■  BY  ELLEN  MESSMER 

SAN  JOSE  —  Entercept  Security  Technol¬ 
ogies,  expanding  beyond  its  Web  server 
security  tools,  last  week  announced  soft¬ 
ware  designed  to  keep  Microsoft  SQL 
Server  databases  safe  from  attackers. 

Entercept  Database  Edition,  which  runs 
on  the  same  machine  hosting  SQL  Server, 
takes  aim  at  so-called  SQL  injections,  a 
hacking  technique  used  to  undermine 
database  server  security 

In  a  SQL  injection,  the  attacker  tries  to 
enter  text  containing  command  language 
during  a  SQL-based  search  so  the  injected 
code  would  be  executed  to  give  the 
attacker  complete  control  of  the  database 
server.  The  success  of  such  an  attack  is 
often  not  because  of  a  flaw  in  SQL  Server 
but  because  developers  neglect  to  pro¬ 
gram  the  database  so  that  it  validates 
input  properly.  Entercept’s  security  soft¬ 
ware  intercepts  SQL  injection  attempts 
and  blocks  them. 

Companies  such  as  KaVaDo,  Harris, 
Okena  and  Sanctum  offer  competing  soft¬ 
ware.  But  Entercept  hopes  to  garner  cus¬ 
tomer  interest  by  building  into  Entercept 
Database  Edition  the  same  kind  of  behav¬ 
ior-blocking  software  available  for  its  Web 
server  product.  Entercept  says  its  new  prod¬ 
uct  would  prevent  even  hackers  that  have 
gained  access  to  a  database  to  use  it  as  a 
launch  point  of  attack  by  noticing  the 


SQL  injection  rejection 

Entercept's  latest  software  is 
designed  to  protect  SQL  databases 
from  attack. 


Entercept  Database  Edition 


SQL  Server  database 
Windows  operating  system 


Server 

Entercept  Database  Edition  software,  which  runs  on 
the  same  Windows  server  hosting  Microsoft  SQL  Server, 
blocks  attempted  "SQL  injection"  attacks  by  filtering 
out  queries  that  include  improper  inputs. 

activity  as  suspicious  and  blocking  it. 

Entercept  Database  Edition,  which  costs 
$3,000,  only  supports  Microsoft  SQL  2000, 
but  versions  for  Oracle  and  other  data¬ 
bases  are  planned  for  in  the  future. 
Entercept:  www.entercept.com 


■  BY  DENISE  DUBIE 

NEWTON,  MASS.  —  A  start-up  this  week 
will  release  upgraded  systems  manage¬ 
ment  software  that  includes  asset-track¬ 
ing  capabilities  an  early  adopter  says  is 
as  functional  and  costs  less  than  rival 
products. 

HandsFree  Networks’ Automated  Support 
Infrastructure  (ASI),  which  debuted  in 
June,  now  can  gather  hardware  statistics, 
BIOS  information,  software  licensing  and 
version  data  from  desktop  PCs  across  a 
network.  The  upgraded  software,  Version 
1 .3,  also  boasts  a  Web-based  graphical  user 
interface  that  can  access  canned  reports 
or  generate  customized  ones. 

ASI  users  also  can  configure  the  software 
to  track,  for  example,  the  activity  of  a  spe¬ 
cific  application  or  user  on  a  network,  says 
Alessandro  Donnini,  HandsFree’s  presi- 
dent.“We’ve  upgraded  the  software  to  man¬ 
age  application  usage,  which  will  help  net¬ 
work  managers  better  plan  for  licensing 
and  upgrades,”  he  says. 

Phil  Kubat,  CEO  of  CBE  Technologies,  an 
IT  professional  services  company  in  Bos¬ 
ton,  uses  ASI  in  his  company’s  internal  net¬ 
work  and  in  its  managed  services  offerings. 
CBE  performs  server,  desktop  and  firewall 
management  services, and  Kubat  says  ASl’s 
open  platform  lets  the  company  extend  its 
services  in  many  user  environments. 

“HandsFree  is  an  open  platform  with  a  lot 
of  flexibility  and  it  performs  right  up  there 
with  high-end  tools,”  says  Kubat,  who  also 
evaluated  products  from  Tivoli  Systems. 


While  Donnini  says  HandsFree’s  software 
might  perform  similar  functions  to  those  in 
Tivoli  software,  he  sees  the  company’s  soft¬ 
ware  competing  more  with  Altiris’  Asset 
Mgmt  Suite,  Intel’s  LANDesk  and  Novell’s 
ZENworks.  And  while  Altiris  costs  $58  per 
node,  HandsFree’s  ASI  costs  $2  per  man¬ 
aged  device  per  month  when  between  10 
and  99  nodes  are  purchased.  Donnini  says 
the  payment  model  lets  customers  try  the 
software  before  committing  a  lot  of  cash. 

ASI  includes  server  and  client  software. 
The  server  component  can  run  within  an 
intranet  or  at  a  remote  location,  connect¬ 
ing  via  the  Internet.The  server  includes  an 
event  log  database  from  which  network 
managers  generate  reports  and  are  noti¬ 
fied  of  events. ASI  client  software  agents  are 
installed  on  each  managed  device.  Each 
agent  includes  a  database  in  which  all  the 
availability  performance  and  event  data  is 
stored.  ASI  supports  devices  running 
Microsoft  Windows  95  through  XP  operat¬ 
ing  systems. 

The  software  comes  with  scripts,  which 
automate  management  and  support  tasks. 
The  software  reacts  to  known  events  in  the 
Windows  environment  and  uses  prede¬ 
fined  resolutions  to  take  corrective  action. 
Network  managers  also  can  configure  ASI 
to  perform  automated  actions  based  on 
their  own  knowledge  of  dealing  with  their 
networks. 

The  software  is  currently  available 
through  resellers  and  channel  partners, but 
HandsFree  plans  to  sell  direct  in  coming 
months.  ■ 


Heroix  adds  automation,  report  features  to  eQ 


■  BY  DENISE  DUBIE 

NEWTON,  MASS.  —  Heroix  this 
week  is  expected  to  release  a  ver¬ 
sion  of  its  systems  and  applica¬ 
tions  management  tool  that  in¬ 
cludes  more  platform  support,  en¬ 
hanced  autoconfiguration  fea¬ 
tures  and  a  graphical  Web  inter¬ 
face  to  help  users  pinpoint  prob¬ 
lems  and  distribute  reports  to 
upper  management. 

Heroix  eQ  1 .5,  formerly  known 
as  RoboMon,  includes  a  Web 
Event  Monitor  that  helps  network 
managers  zero  in  on  perfor¬ 
mance  problems.  Upon  installa¬ 
tion,  the  software  autodiscovers 
operating  systems,  databases,  ap¬ 
plications  and  servers.  It  also 
begins  baselining  the  behavior  of 
those  elements  The  software 
would  monitor  applications, such 


as  Microsoft  Exchange  and  BEA 
WebLogic,  to  see  how  they  per¬ 
form  in  peak  and  slow  network 
conditions.  The  software  then 
uses  the  baseline  to  determine 
when  abnormalities  occur. 

The  new  Web  Event  Monitor 
will  serve  up  a  report  detailing 
only  those  machines  experienc¬ 
ing  problems,  which  can  go  a 
long  way  toward  reducing  the 
mean  time  to  resolution,  says 
Randal  Pacheco,  network  sup¬ 
port  engineer  at  Oceanic  Time 
Warner  Cable  of  Hawaii. 

“It  lets  me  see  multiple  servers 
through  one  interface,  so  1  can 
look  at  logs  on  a  lot  of  servers 
rather  than  one  by  one,”  Pacheco 
says.  He  has  used  Heroix  software 
(RoboMon  and  now  eQ)  since 
1998,  and  says  he  chose  Heroix 
over  competitors  such  as  BMC 


Software  and  NetlQ  for  two  rea¬ 
sons.  “I  just  went  with  the  least- 
expensive  product  that  required 
the  least  configuration  out  of  the 
box,”  he  says. 

Pacheco  beta-tested  Version 
1.5,  and  says  the  feature  that 
most  appeals  to  him  is  the 
added  monitoring  for  applica¬ 
tion  usage  on  Windows  and 
Solaris  servers.  Another  new  fea¬ 
ture  relies  on  eQ’s  baselining 
capabilities  to  learn  the  configu¬ 
rations  of  servers  and  applica¬ 
tions.  With  the  stored  data,  the 
software  can  perform  autocon¬ 
figuration  and  make  deploying 
new  servers  and  applications 
easier,  Heroix  says. 

Heroix  includes  agents  and  a 
management  console  with  which 
to  configure  and  distribute  them. 
Network  managers  also  can  gen¬ 


erate  reports  and  graphs  using  the 
console,  which  includes  a  SQL 
database  that  stores  the  perfor¬ 
mance  data  the  agents  collect. 
The  agents  are  autonomous,  mon¬ 
itoring  events  and  taking  correc¬ 
tive  action  without  communicat¬ 
ing  with  the  console. 

Heroix  eQ  software  comes  writ¬ 
ten  to  monitor  specific  perfor¬ 
mance  metrics  in  databases,  oper¬ 
ating  systems,  messaging  applica¬ 
tions, Web  and  e-commerce  appli¬ 
cations.  For  example,  new  to  this 
release  are  18  new  Active  Direc¬ 
tory  sensors. 

Heroix  eQ’s  architecture  is  a  key 
differentiator  from  competitors 
such  as  BMC  and  NetlQ, says  Jean- 
Pierre  Garbani,  an  analyst  with 
Giga  Information  Group.  He  says 
while  many  management  agents 
sap  up  to  25%  of  a  servers  CPU 


resources  to  run.eQ  uses  only  1% 
of  the  those  resources  on  a  man¬ 
aged  server. 

“In  a  climate  where  all  IT  oper¬ 
ations  are  optimizing  resources, 
it  is  also  important  to  minimize 
the  amount  of  computing  power 
used  by  the  management  tools," 
Garbani  says. 

Heroix  eQ  runs  on  Windows  NT 
and  2000,  A1X,  HP-UX,  Solaris,  Li¬ 
nux,  OpenVMS  and  NetWare. 

Heroix  eQ  1.5  costs  between 
$75,000  and  $100,000  on  aver¬ 
age,  and  is  available  now.  ■ 
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Fastlron  Edge  Switches  let  you  do  more  with  less.  Compact  form.  Immense  capabilities 
Fastlron  Edge  Stackable*  pack  more  power  into  your  wiring  closet  than  any  other  switch.  They  give  you 
tunable  functionality,  configurable  security,  and  simplified  management.  The  96-port  model  has  twice 
the  port  density  of  the  nearest  competitor.  With  a  common  user  interface,  standard-based  network 
management  support,  redundant  and  hot-swappable  power  supplies,  and  a  common  software  suite,  the 
Fastlron  Edge  switches  give  you  the  lowest  total  cost  of  ownership  and  the  highest  investment  value  of 
all  the  major  switches.  Get  a  competitive  edge— get  a  Fastlron  Edge  Switch.  Call  1.888. TURBO  LAN 
(887-2652)  or  www.foundrynctworks.com/fes. 
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What  is  it  about  people’s  faces  that 
makes  otherwise  logical  people 
totally  ignore  logic,  human  nature 
and  years  of  experience?  That  could  be 
the  lead  in  to  all  sorts  of  topics,  most  of 
which  wouldn’t  fit  under  the  umbrella  of 
what  this  paper  thinks  its  readers  are  inter¬ 
ested  in.  In  this  case,  this  is  a  lead  into  a 
discussion  of  video  over  the  ’Net. 

What  brought  this  topic  to  mind  was  a 
Sept.  12  story  in  the  Circuits  section  of  The 
New  York  Times  about  two  new  video 
e-mail  products.  Both  let  the  user  record  a 
video  snippet  to  be  used  in  place  of  a  text 
or  still  picture  e-mail  message.  The  first 
thought  that  pops  to  mind  is  “Why?”  Sure 
there  are  some  show-grandma-the-grand- 
kids  types  of  applications,  but  what  would 
have  caused  a  venture  capital  company  to 
think  that  there  was  a  significant  enough 
business  market  for  this  type  of  technology 


Enterprise  Applications 

Fixated  on  faces 

to  warrant  funding  these  companies? 

The  Times  story  called  these  products 
“video  karaoke”  and  like  with  traditional 
karaoke, you  have  to  have  a  healthy  ego  or 
a  very  good  sense  of  humor  to  subject 
others  to  your  efforts  (or  maybe  too  much 
alcohol  or  some  other  drug). 

Whatever  the  drug,  it  seems  to  be  a  long- 
lasting  one.  Companies  and  pundits  have 
pushed  videograms  and  videoconferenc¬ 
ing  as  potential  pots  of  gold  seemingly  for¬ 
ever,  especially  in  times  of  economic 
crunch.  But  so  far  they  have  been  consis¬ 
tently  inaccurate. 

There  is  a  market,  but  not  all  that  big  of 
one.  Maybe  there  will  be  a  big  market 
when  the  quality  gets  good  enough  to  see 
if  the  person  you’re  talking  to  is  rolling  his 
eyes  as  you’re  talking,  but  somehow  I  just 

Pundits  have  pushed 
videogames  and  video- 
conferencing  as  poten¬ 
tial  pots  of  gold  forever. 


don’t  see  the  attraction  until  at  least  then. 
Even  then,  I’m  not  sure  the  conversation  is 
helped  by  the  moving  pictures. 

My  problem  is  that  I  don’t  see  what  the 
video  adds  to  most  of  the  phone  conver¬ 
sations  I  have  that  would  make  me  want 
to  spend  much  more  to  get  video.  (This 
does  not  take  into  account  that  the  advent 
of  video  would  mean  that  I  would  have  to 
clean  up  at  least  one  part  of  one  wall  in 
my  Harvard  and  home  offices.)  Good 
quality  voice  and  a  shared  whiteboard 
seem  to  get  you  90%  of  the  way  to  an  ideal 
situation  —  high-quality  video,  to  me, 
would  provide  at  most  the  other  10%. 

I  must  be  missing  something.  Too  many 
people,  for  too  long,  have  chased  this  rain¬ 
bow  for  it  to  just  be  light  reflected  through 
vendor-produced  fog.  But  just  maybe,  it’s 
someone  else  who  doesn’t  get  it. 

Disclaimer:  Harvard  produces  both  fog 
creators  and  fog  cutters,  none  of  whom  to 
my  knowledge  have  weighed  in  on  this 
topic  —  so  this  must  be  my  own  fog  light. 

Bradner  is  a  consultant  with  Harvard 
University's  University  Information  Sys¬ 
tems.  He  can  be  reached  at  sob@ 
sobco.com. 
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continued  from  page  35 

test  a  beta  version  of  Command  Center. 
She  says  she  needs  to  consolidate  security 
information  related  to  the  bank’s  network 
and  110,000  employees  worldwide.  “I 
report  to  the  CEO.  I  need  to  be  prepared  at 
a  moment’s  notice  to  provide  this  informa¬ 
tion  to  the  CEO,”  she  says. 

BMC  this  week  separately  will  announce 
its  server-based  Patrol  Perceive  software, 
which  is  designed  to  let  users  access  his¬ 
torical,  real-time  and  predictive  system  and 
application  performance  data  through  one 
Web-based  graphical  user  interface. 

Ptak  says  that  with  Patrol  Perceive,  BMC  is 
offering  users  a  fast,  easy-to-use  report  gen¬ 
erator.  The  software  uses  new  and  histori¬ 
cal  data  collected  by  existing  BMC  Patrol 
and  other  agents,  and  serves  as  a  gatherer 
of  information. 

Users  can  customize  documents,  graphs, 
spreadsheets  and  reports  that  can  be 
exported  to  Microsoft  Excel,  Adobe  PDE 
XML  and/or  printer-ready  formats. 

“BMC  is  taking  data  that’s  already  avail¬ 
able,  yet  not  necessarily  easily  accessible, 
and  making  that  data  useful  to  multiple 
users,”  Ptak  says. 

Patrol  Perceive  costs  $100  per  server. 

CA:  www.ca.com;  BMC  :  www.bmc.com 


Foundation  for  Data  Security 

■  Ensure  the  integrity  of  your  data 

■  Instant  assessment  of  system  state,  reporting 
"integrity  drifts" 

Maximize  System  Uptime 

■  Eliminate  risk  and  uncertainty 

■  Enable  quick  restoration  to  a  desired  state 


O  Copyright  2002.  Tnpwire  and  the  Tripwire  logo  are  registered  trademarks  of  Tnpwire.  Inc. 


Increase  Control  and  Stability 

■  Ongoing  monitoring  and  reporting 

Lower  Costs 

■  Find  and  fix  problems  quickly  and  precisely  - 
no  more  guess  work 

Your  firewalls  and  intrusion  detection  tools  alone  are 
not  enough  to  keep  systems  trustworthy.  Tripwire's  data 
integrity  assurance  products  are  the  only  way  to  know  with 
100%  confidence  that  your  data  remains  uncompromised. 
For  nearly  10  years  Tripwire  has  been  helping  IT 
professionals  know  exactly  what’s  changed  on  their 
systems,  and  helping  them  to  recover  quickly. 


For  a  FREE  30-day 
fully-functional  eval, 

call  toll-free  1.800.TRIPWIRE 
(874.7947)  or  visit 

http://networld.tripwire.com 

today! 


Tpipwipr 
ml  r  n  I  hi 

THE  DATA  INTEGRITY  ASSURANCE  COMPANY 


I 


f 


\ 

\ 


It 


I 


Does  your  remote  access  leave  you  a  little...  exposed? 


For  enterprise-class  security,  access  and  management,  Fiberlink  has  you  covered. 

Just  how  secure  is  your  remote  access?  How  dependable  is  it?  How  hard  is  it  to  manage?  If  you  want  easy  answers  to  these 
tough  questions,  you  need  Fiberlink.  Only  Fiberlink  delivers  a  level  of  integrated  security,  access  and  management  that  optimizes 
remote  access  -  •  anytime,  anywhere.  The  confidence  of  policy-enabled  remote  access,  with  integrated  authentication,  intrusion 
detection,  VPN,  distributed  firewall  and  virus  protection.  And  robust  tools  that  give  end-users  easy  access  and  administrators 
fewer  headaches.  It's  no  wonder  that  leading  industry  analysts  recommend  Fiberlink  to  their  clients.  Did  we  also  mention  that 
our  customers  typically  reduce  their  costs  by  as  much  as  80%? 

Learn  more  at  v.fiberlink.co;  or  call  id-LINKNOW  today.  Before  you  catch  something. 


Fiberlink  Global  Remote:  tor  mob.ie  professionals  Fiberlink  Secure  Broadband:  for  telecommuters  Fiberlink  Global  Connect:  for  branch  office^  ’ 
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wf  Think  of  it  as  an  engine  for  your  network. 
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(A  souped-up,  highly  customized, 
street-racing  engine  for  your  network.) 
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Our  new  servers  were  engineered  to  get  the  maximum  performance  from  your 
network.  Look  under  the  hood:  You’ll  find  powerful  Intel’  XeorT  processors 

r  '  ■  •  '■  *rj  t  >  .*  Vy  t  -  /•  ■  *  -  ’  * 

with  Hyper-threading  technology  and  huge  hard  drives.  Which  means  faster 
response  times  and  processing  power  for  you.  Take  a  closer  look,  and  you'll 
see  we’ve  upgraded  everything  except  the  price.  The  sleek  new  case  design 
takes  up  little  room,  yet  gives  you  plenty  of  room  to  grow.  And  new  server 
manageability  features  maximize  performance  and  availability.  For  a 
customized  networking  solution,  just  combine  the  Gateway'7  960  Series  server 
and  network  services.  Want  to  see  your  network  perform?  Call  1-888-203-4559. 


Gateway"  960  Series  Server 


The  flexibility  to  fulfill  today's  needs  with  the  performance  to  address  tomorrow's  requirements, 
Intel*  Xeon "  Processor  i.80GHz  with  512K  L2  Cache  •  256MB  PC1600  DDR  ECC  SDRAM  (expandable  to  4GB) 
18GB  Ultra  160  (10K)  SCA  SCSI  Hard  Drive  •  Single  450-Watt  PS2  Power  Supply  •  Six  PCI  Expansion  Slots 
and  Eight  Drive  Bays  •  HP*  OpenView"  ManageX  Event  Manager  •  Integrated  PCI  Graphics  with  4MB 
SDRAM  •  Integrated  Intel’  10/100/1000  Ethernet  •  3-Year  Parts.  Labor  and  On-Site  Limited  Warranty 

51499 
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Gateway  Networking  Solutions 

Gateway  gives  you  a  single  point  of  contact  to  manage  every  stage  of  your  network  life  cycle.  As  a  networking  expert.  Gateway  provides  comprehensive  integration  and  installation  services — from  network 
planning  and  consultation,  to  customized  technology  solutions  and  support  for  optimizing  your  network  infrastructure.  And  all  that  means  greater  security,  increased  productivity  and  a  better  bottom  line. 
Network  Planning  and  Design -Gateway's  local  network  service  provider  will  set  up  a  network  consultation  to  discuss  your  business  objectives  and  technology  needs,  including  an  evaluation  of  your  work  site 
and  current  hardware  and  software.  Then  Gateway  will  develop  a  custom  network  design  including  recommended  hardware,  software,  installation,  services  and  associated  time  and  costs  for  implementation. 
Custom  Integration  and  Installation  Put  your  new  Gateway  systems  to  work  right  out  of  the  box.  Gateway  can  deliver  servers  preconfigured  to  your  exact  specifications  and  install  third-party  hardware  and 
software  right  in  our  factory,  so  your  server  arrives  equipped  with  your  own  programs  and  applications.  Gateway  can  also  help  set  up  server  hardware  as  well  as  install  the  entire  network.  Installation  services 
include  cabling  and  wiring,  connecting  interface  cards  and  hubs,  data  transfer  to  new  PCs.  configuring  network  settings  and  software  installation,  and  setting  up  shared  drives,  printers  and  other  network  devices 
On-Site  Service  and  Support-Gateway's  fast-response  system  brings  skilled  technical  professionals  to  you  with  minimal  delay.  Gateway's  local  network  service  provider  can  be  on  site  in  as  little  as  four 
hours  while  Gateway's  Network  Support  Center,  staffed  by  certified  Microsoft-  and  Novell5,  engineers,  provides  24/7  technical  phone  support.  Either  way.  Gateway  will  keep  your  network  strong  and  secure. 
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1-888-203-4559 


Gateway  recommends  Microsoft'  Windows  XP  Professional  for  Business. 


Gateway 

gateway  com  AOL  Keyword:  Gateway 


[/rices  and  configurations  subject  to  change  without  notice  or  obligation.  Prices  exclude  shipping  and  handling  and  taxes  Not  responsible  for  typographical  errors.  Lin  tec  warrant  es  ano  ser,  ;e  ag-ee--erts  apply  » s  :  gateway ■  :a  -S  -546 
*#pr  af^e  copy  Technician  Will  be  dispatched  if  deemed  necessary  by  Gateway  following  other  troubleshooting  methods  On-sde  service  not  available  m  an  locations  you  may  be  rec--rec  to  taxe  or  send  you  -  product  tc  a-  authorized  se-v :?  oca:  r  C 
2serv.ce  exc  aces  mice.  Keyboarcs  docking  stations,  external  peripherals  and  monitors.  ©2002  Gateway  me  Ail  rights  reserved  Gateway  Terms  and  Conditions  of  Sa  e  apply.  Gateway  com  and  Gateway  Country  Stores  LlC  are  separate  :ega:  erres  Gat 
the  Gateway  Stylized  Logo  and  the  Brack- and-Khite  Spot  Des.gr  are  trademarks  or  registered  trademarks  of  Gateway  Inc.  m  the  U  S  and  ether  countries  The  :rte  ms  be  Lego  a«a  Xeon  are  trademarks  or  regs:erec  !»a:er-arks  of  -te  C.-prat-" 
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Wireless  carriers  might  get  FGG  relief 

FCC  decision  seen  clearing  the  way  for  freedom  from  billions  of  dollars  in  spectrum  obligations. 


■  BY  GRETEL  JOHNSTON  AND  JOHN  BLAU 

WASHINGTON,  D.C.  —  A  handful  of  high- 
profile  wireless  service  providers  have 
moved  a  step  closer  to  gaining  a  sorely 
needed  financial  reprieve  thanks  to  a  pro¬ 
posal  from  the  Federal  Communications 
Commission  that  would  free  the  carriers 
from  paying  the  government  billions  of 
dollars  for  spectrum  licenses. 

The  proposal  would  let  wireless  service 
providers  such  as  Cingular  Wireless,  Veri¬ 
zon  Wireless  and  T-Mobile,  formerly  Voice- 
Stream,  walk  away  from  their  bids  for  wire¬ 
less  licenses  that  the  FCC  auctioned  off  in 


■  Cable  &  Wireless  is  selling  its  list 
of  voice-service  customers  to  Prim¬ 
us  Telecommunications  Group  for 

up  to  $32  million.  This  will  mark  C&W’s 
official  exit  from  the  business  voice- 
service  market,  which  the  company 
originally  announced  in  May.  Within 
the  agreement,  Primus  will  pay  the 
carrier  for  each  customer  that  trans¬ 
fers  to  its  network.  C&W  has  about 
35,000  voice  customers,  C&W  likely 
will  lay  off  its  450-person  staff  that 
has  supported  its  voice  service  divi¬ 
sion.  All  customers  are  expected  to 
be  transferred  to  Primus  by  January. 

■  Smaller  businesses  in  the  Midwest 
have  a  new  choice  for  their  IP  voice 
and  data  services.  Start-up  service 
provider  Appia  Communications  is 
bundling  unlimited  local  and  long-dis¬ 
tance  voice  and  dedicated  high-speed 
Internet  access  services  for  business 
with  20  to  200  employees.  The  pack¬ 
age  is  supported  over  a  dedicated  T-1. 
The  service  starts  at  $50  per  month, 
per  phone,  with  a  minimum  of  20 
phones  per  business  customer.  The 
company  says  it  charges  more  for  its 
service  in  areas  where  local  T-1  rates 
are  higher.  Appia  supports  its  service 
with  Cisco  IP  phones  at  each  desktop 
and  Cisco  network  gear. 
www.appia.com 


January  2001  after  repossessing  them  from 
NextWave  because  of  nonpayment. 

A  majority  of  the  wireless  service  pro¬ 
viders  involved  must  accept  the  proposal 
before  the  FCC  makes  a  final  ruling. 

The  status  of  the  bids  fell  into  limbo 
when  the  FCC’s  auction  was  nullified  in 
June  2001  by  an  appellate  court,  which 
ordered  the  FCC  to  return  the  licenses  to 
NextWave.  A  settlement  calling  for  the 
bankrupt  wireless  operator  to  transfer  the 
licenses  to  the  winning  bidders  in  the  re¬ 
auction  fell  apart  last  year.  Since  then,  all 
parties  have  been  waiting  for  the  Supreme 
Court  to  rule  on  the  matter.  A  ruling  is 
expected  as  early  as  next  month. 

Approval  of  the  new  FCC  plan  does  not 
mean  that  Verizon  and  others  would  not  try 
to  buy  more  spectrum.  Most  expect  the 
same  service  providers  to  buy  more  spec¬ 
trum  but  for  billions  of  dollars  less.  The 
market  value  of  the  spectrum  is  roughly 
half  of  the  $16  billion  bid  last  year,  a  source 
close  to  the  situation  says. 

About  half  the  bids  belong  to  Verizon 
Wireless,  which  offered  $8.7  billion  for  the 
spectrum.  A  Supreme  Court  ruling  against 
the  carriers  could  have  a  huge  effect 
because  they  are  liable  to  pay  within  10 
days  of  the  ruling,  says  David  Hoover,  an 


■  BY  DENISE  PAPPALARDO 

CINCINNATI  —  Broadwing  Communica¬ 
tions  is  making  it  easier  for  its  dedicated 
Internet  access  customers  to  support  IP 
videoconferences. 

The  carrier  recently  launched  its  man¬ 
aged  IP  Videoconferencing  service  that 
lets  customers  use  their  existing  IP  band¬ 
width  to  support  companywide  videocon¬ 
ference  sessions. 

The  service  is  available  in  two  flavors: 
user-hosted  and  Broadwing-hosted.  The 
user-hosted  option  requires  that  customers 
use  an  online  tool  to  set  up  their  video- 
conferences.  The  Broadwing-hosted  op¬ 
tion  offers  customers  more  assistance  with 
a  team  that  sets  up,  provisions  and  moni¬ 
tors  videoconferencing  sessions  while 
in  progress. 

“As  users  start  putting  more  applications 
over  their  existing  IP  used  only  for  data, 
they’re  able  to  maximize  their  investment 


Dollars  spent? 

If  an  FCC  proposal  is  accepted  by 
the  U.S.  Supreme  Court,  wireless 
service  providers  will  not  have  to 
pay  for  the  spectrum  licenses 
they  bid  on  in  January  2001.  Here’s 
what  the  top  bidders  were 
planning  to  spend: 

Alaska  Native  Wireless*  $2.3  billion 


Cingular  Wireless 

T-Mobile  (formerly 
VoieeStream) 

$483  million 

Verizon  Wireless 

$8.8  billion 

*  An  AT&T  Wireless  affiliate 

analyst  with  Precursor  Group. 

Verizon  has  credit  lines  of  $8  billion  set 
aside  to  cover  the  liability  while  the  case  is 
going  through  the  courts,  Hoover  says.That 
is  credit  that’s  not  being  used  for  anything 
else,  including  network  buildout,  equip¬ 
ment  upgrades  and  acquisitions.  The  gov¬ 
ernment  realizes  that  absolving  the  com¬ 
panies  could  help  the  industry  he  added. 

These  carriers  have  what’s  called  “contin- 


from  a  network  standpoint,”  says  Counse 
Broders,  an  analyst  at  Current  Analysis. 
Although  Broadwing  is  not  the  only  pro¬ 
vider  offering  customers  managed  video- 
conferencing  services,  it  has  a  leg  up  on 
competitors  such  as  Equant  and  Global 
Crossing  domestically  he  says. 

“Equant  is  well-known  overseas,  but 
Broadwing  has  a  solid  network  reputation 
in  the  U.S.,”he  says.“And  most  users  looking 
at  Global  Crossing  need  to  take  a  sit-and- 
wait  attitude.”  Global  Crossing  filed  for 
bankruptcy  protection  in  January  and  is 
under  Securities  and  Exchange  Com¬ 
mission  scrutiny 

Equant’s  offering  is  specifically  for  its 
VPN  customers  where  Broadwing’s  is 
available  to  any  of  its  dedicated  Internet 
access  users  (see  www.nwfusion.com, 
DocFinder:  2330). 

Customers  can  buy  preconfigured  Fbly- 
com  ViewStations  directly  from  Broadwing 
for  between  $8,700  for  a  small-room  system 


gent  liability” hanging  over  their  heads, says 
Roger  Entner,  program  manager  at  The 
Yankee  Group. 

Creditors  look  at  Verizon  and  say  they 
have  $16  billion  in  debt  when  you  figure  in 
what  the  carrier  technically  owes  the  FCC. 
“The  proposal  makes  it  easier  for  the  carri¬ 
ers  to  bail  out  of  their  contingent  liability?’ 
he  says. 

The  proposal  also  is  good  for  the  wire¬ 
less  industry. 

“Post-WorldCom,the  sector  is  not  doing 
particularly  well  and  [the  administra¬ 
tion]  is  trying  to  come  up  with  some 
ways  to  kick  start  the  sector,”  Hoover  says. 
“They  believe  they  can  take  a  one-time 
hit  . . .  by  allowing  carriers  to  walk  away 
from  their  bids.” 

The  FCC  proposal  would  allow  a  com¬ 
ment  period  lasting  through  Oct.  11.  The 
FCC,  which  already  gave  back  billions  of 
dollars  in  down  payments  to  the  bidders, 
has  so  far  refused  to  free  the  carriers  from 
their  obligation  to  pay  the  remainder  of 
their  bids  if  the  government  were  to  regain 
the  NextWave  spectrum. 

The  proposal  to  fully  release  the  compa¬ 
nies  from  their  obligations  acknowledges 
that  because  the  commission  issued  its 
See  Wireless,  page  42 


up  to  $17,700  for  a  large-room  system. 
Customers  are  not  required  to  use  Broad¬ 
wing-provided  Polycom  gear  but  may  de¬ 
ploy  any  H.323-compliant  equipment. 

The  carrier  also  offers  coder/decoder 
conversion  for  its  Broadwing-hosted  cus¬ 
tomers.  This  will  let  a  customer  using 
Polycom  gear  to  communicate  with  an¬ 
other  location  that  is  using  Sony  gear,  for 
example.  Customers  can  expect  to  pay  a 
$2  per  conversion,  per  session  fee  for 
this  feature. 

The  service  costs  $1 19  per  month  plus  75 
cents  per  minute  for  each  videoconference 
for  user-hosted  customers.  Broadwing- 
hosted  customers  are  charged  $1.16  per 
minute  for  each  videoconference.  ■ 

Internet 
Services 

Subscribe  to  our  free  newsletter. 
DocFinder:  5434  www.nwfusion.com 


Broadwing  eases  IP  videoconferences 
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EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


I  have  an  inner  gauge  for  how  well  a  tele¬ 
com  department  —  or  an  IT  depart¬ 
ment,  for  that  matter  —  is  run.  Within 
two  hours  I  can  usually  tell  whether  an 
organization  is  efficient,  productive  and 
cost-effective. 

And  that  assessment  tends  to  be  a  pretty 
good  proxy  for  the  company:  Chaotic,  ill- 
run  companies  tend  to  have  chaotic,  ill-run 
IT  departments  and  vice  versa. 

What  do  1  look  for? 

Structure.  A  well-run  IT  department  is 
generally  organized  along  the  “design, 
build,  operate”  paradigm.  Most  organiza¬ 
tions  recognize  that  it  takes  different 


www.nwfusion.com 


How  to  build  a  better  telecom  organization 


skills  and  focus  to  create  a  brand-new 
architecture  than  it  does  to  ensure 
99.999%  availability.  And  virtually  every 
company  has  merged  its  voice  and  data 
WAN  unit  in  recognition  of  the  fact  that 
the  distinction  between  voice  and  data 
services  is  rapidly  blurring. 

Organization.  A  particularly  good  indica¬ 
tion  of  an  effective  telecom  department  is 
that  meetings  begin  and  end  on  time,  with 
clear  agendas,  well-articulated  goals  and  a 
coherent  progression  of  events.  Projects 
have  a  well-defined  scope.  Managers  pro¬ 
vide  regular  status  reports  and  updates. 
This  organized  approach  pays  dividends 
—  even  during  the  most  critical  projects, 
people  can  put  in  eight-  to  10-hour  days, 
instead  of  the  12-  to  18-hour  days  that  are 
all  too  familiar  to  most  of  us. 

Culture.  The  term  “culture”  is  often  used 
(and  misused).  A  cornerstone  of  culture  is 
open,  honest,  regular  communication. 
Specifically,  people  should  proactively 


keep  each  other  informed  about  critical 
issues  and  events. Too  often,  turf  wars  and 
ego  battles  lead  to  “information  silos”  that 
result  in  wasted  effort. 

Focus.  A  telling  sign  of  a  well-disciplined 
organization  is  that  IT  initiatives  are  consis¬ 
tently  expressed  in  terms  of  the  core  busi¬ 
ness.  Performance  isn’t  measured  in  mil¬ 
liseconds  or  availability  —  it  is  measured 
in  revenue  gained  or  costs  avoided. 

If  the  description  above  fits  your  telecom 
organization,  congratulations  and  keep  up 
the  great  work. 

Most  likely,  it  doesn’t  —  only  about  5% 
of  the  organizations  I  talk  to  regularly 
meet  that  description. 

If  you  feel  your  department  could  use 
work,  here  are  a  few  tips: 

•  Start  by  looking  in  the  mirror.  IT  execu¬ 
tives  are  more  responsible  than  they  realize 
for“setting  the  tone”  for  those  around  them. 
Make  sure  that  you  personally  instantiate 
the  structure,  organization,  culture,  and 


focus  that  you  expect  from  your  peers  and 
supporting  staff. 

•  Then  take  a  critical  look  at  your  team. 
Too  often,  organizations  keep  prima  don¬ 
nas  on  board  far  too  long,  for  the  wrong 
reasons.  You  know  the  folks  I’m  talking 
about:  those  individuals  who  are  abusive, 
secretive,  disorganized  and  generally 
tough  to  get  along  with.  The  excuse  for 
keeping  these  people  is  their  talent  (real 
or  imagined). 

Prima  donnas  destroy  far  more  value  than 
they  deliver.  And  if  you  really  think  that  tal¬ 
ent  is  so  hard  to  find, check  out  the  resumes 
on  Monster.com.  Make  it  clear  that  behavior 
that  conflicts  with  the  values  above  will  not 
be  tolerated  —  and  stick  to  it. 

Johnson  is  senior  vice  president  and 
CTO  for  Greenwich  Technology  Partners,  a 
network  consulting  and  engineering  firm. 
She  can  be  reached  at  johna@green- 
wichtech.com. 


Interland  touts  reliability  of  hosting  model 

BlueHalo  service  said  to  trim  costs,  eliminate  single  point  of  failure  with  redundant  architecture. 


■  BY  JENNIFER  MEARS 

ATLANTA  —  Interland,  a  leader 
in  the  shared  hosting  market,  is 
touting  a  new  architecture  that 
uses  redundant  servers  to  elimi¬ 
nate  the  single  point  of  failure 
typically  associated  with  most 
shared  hosting  scenarios. 

Traditionally, shared  hosting  has 
meant  that  multiple  accounts  are 
hosted  on  a  server.  Such  services 
save  customers  money  —  shared 
hosting  runs  between  $20  and 
$200  per  month,  while  dedicated 
hosting  can  cost  tens  of  thou¬ 
sands  of  dollars  per  month  — 
but  they  also  leave  customers 
vulnerable  to  problems  because 
they  are  sharing  hardware  and 
system  resources. 

Interland  is  aiming  to  eliminate 
those  issues  with  its  blueHalo 
service,  which  it  introduced  last 
week.  BlueHalo  employs  a  re- 


Wireiess 

continued  from  page  41 

partial  refund,  “the  capital  mar¬ 
kets  for  entities  . . .  engaged  in  the 
provision  of  wireless  telecommu¬ 
nications  services, as  well  as  other 
telecom  services,  has  continued 
to  decline  rapidly” 

The  proposal  says  that  troubling 
financial  circumstances  have  led 
to  difficulties  in  accessing  capital. 

Tom  Wheeler,  CEO  of  the  Cell- 
ul  i  Telecommunications  &  In¬ 
ternet  Association, says  relieving 


dundant  architecture  to  provide 
high  availability  to  shared  host¬ 
ing  customers. 

Customer  content  is  hosted  in 
shared  network-attached  storage 
devices,  rather  than  on  shared 
servers.  That  way  content  can  be 
served  from  an  array  of  servers 
and  there  is  no  single  point  of 
failure.  Load  balancers  direct 
traffic  across  the  servers  to  en¬ 
sure  the  best  performance.  Blue¬ 
Halo  also  includes  redundant 
firewalls,  which  provide  an  addi¬ 
tional  level  of  security  the  com¬ 
pany  says. 

The  service  includes  a  99.99% 
uptime  service-level  agreement 
that  calls  for  refunds  for 
violations. 

BlueHalo  also  includes  new 
automated  management  tools 
to  ensure  that  no  sites  are  ad¬ 
versely  affected  by  other  ac¬ 
counts  sharing  the  system.  Code 


the  industry’s  $16  billion  obliga¬ 
tion  would  provide  much- 
needed  relief. 

“Chairman  [Michael]  Powell 
has  said  previously  that  the  wire¬ 
less  industry  faced  a  severe  cap¬ 
ital  crisis;  this  decision  would  do 
much  to  ease  that  crisis,” 
Wheeler  says. 

Johnston  and  Blau  are  corre¬ 
spondents  with  the  IDG  News 
Service.  Network  World  Senior 
Editor  Denise  Pbppalardo  contrib¬ 
uted  to  this  story. 


Sharing  the  load 

Interland’s  new  shared  hosting  architecture  promises  high  availability.  Here’s  how: 


O  Like  traditional  ©  A  blueHalo 
shared  hosting,  firewall  adds 

the  network  additional 

firewall  acts  as  a  protection, 

gateway. 


©Instead  of  sending  traffic  to  a  Q  Redundant 
single  shared  server,  blueHalo  servers  ensure 
load  balances  traffic  for  delivery  of 
multiple  customers  among  content  even  if 
redundant  servers .  one  server  fails. 


©  Content  lives  on 
a  NAS  and  can  be 
delivered  quickly 
to  a  variety  of 
servers. 


©  Disk  backup 
protects 
data  from 
loss  if  NAS 
goes  down. 


Manager  monitors  Web  applica¬ 
tion  code  and  provides  sugges¬ 
tions  to  correct  problems. 
Process  Manager  sets  thresh¬ 
olds  for  resource  consumption 


More  online! 

See  how  the  feds  might  free  up  at  least 
90MHz  of  currently  occupied  spectrum  for 
new  and  enhanced  wireless  services  during 
the  next  few  years. 

DocFinder  2327 


and  monitors  accounts  to  en¬ 
force  them. 

Web  site  development  and  In¬ 
ternet  computer  consultant 
Kurt  Weiss  of  KW  Productions 
says  blueHalo  is  providing  his 
customers  with  a  hosting  envi¬ 
ronment  they  normally  would 
not  find  in  a  shared  hosting 
package. 

“In  shared  hosting,  some  sin¬ 
gle  user  can  hog  resources. 
With  blueHalo  that’s  much  less 
likely  to  happen,  and  if  it  does 
happen  the  technology  allows 
them  to  pinpoint  who’s  doing  it 
and  they  can  take  care  of  it,” 
Weiss  says. 

Analysts  say  Interland,  which 
competes  with  companies  such 
as  Affinity  Internet  and  Ver,  is 
raising  the  bar  in  shared  hosting 


as  small  and  midsize  businesses 
look  for  more  robust  hosting 
platforms.  Such  businesses  are 
increasingly  expanding  their 
Web  presence,  adding  e-com¬ 
merce  functionality,  for  exam¬ 
ple,  that  demands  better  hosting 
capabilities. 

“This  platform  allows  compa¬ 
nies  to  have  a  more  reliable  Web 
site,”  says  Helen  Chan,  an  analyst 
with  The  Yankee  Group. 

“That’s  a  selection  criterion  that 
a  lot  of  companies  are  starting  to 
use  as  a  reason  why  they’re 
choosing  a  particular  provide^ 
Chan  says.“lt  used  to  be  selection 
was  based  on  price.” 

BlueHALO  is  available  on  Win¬ 
dows  or  Linux  servers  and  starts 
at  $20  per  month. 

Interland:  www.interland.net 


Switch  to  HP  Procurve  and  build  it  to  last. 

The  new  HP  Procurve  Switch  5300x1  series  delivers  the  fastest  layer  3/4 
features  for  the  price  of  the  competition's  layer  2  modular  switches.  And  HP 
Procurve  switches  are  fully  interoperable  and  scalable,  making  it  easier  than 
ever  to  add  the  switching  capacity  you  need  for  current  and  future  growth. 
These  convergence-ready  switches  provide  flexibility,  high  port  density, 
free  software  upgrades  and  a  lifetime  warranty. 

Now  HP  Procurve  Networking  gives  you  3  unbeatable  offers: 

•  Trade  in  any  Cisco  2924,  2948,  3548,  4006  or  6500  switches  with  no 
trade-in  limits  when  they  are  traded  for  HP  Procurve  5300  series  switches 

•  Get  a  $400  cash  rebate  on  the  HP  Procurve  4148gl  and  up  to  $500 
off  mini-GBIC  modules  or  transceivers 

•  Buy  an  HP  Procun/e  5300x1  switch  and  get  a  free  mini-GBIC  module  worth  $1,299 

Find  out  more  at  www.hpprocurve.com/lifetime  or  call  us  now 
to  talk  to  an  HP  Procurve  professional  at  1-800-477-6111 
extension  41682. 


invent 


©  2002  Hewlett-Packard  Company.  All  rights  reserved.  For  lull  terms  and  conditions  visit  www.hpprocurve.com/liletime. 
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Maybe  you're  not  seeing  enough 

of  the  Big  Picture. 
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Running  a  network  today  is  like  keeping 
tabs  on  every  bee  in  a  hive  simultaneously. 

Tough  to  do,  but  necessary.  That's  why  we 
built  the  OptiView  Network  Analysis  Solution. 

It  gives  you  full  time  vision  -  whether  you're 
out  troubleshooting  or  at  your  console  monitor¬ 
ing  the  Big  Picture.  Everything  works  together 
the  same  way.  Everytime.  It's  a  feature  rich 
scalable  tool  set  that  lets  you  analyze  all  your 
net  activity,  all  the  time.  Including  seven  layer 
decodes.  Advanced  network  discovery.  Remote 
packet  capture  capability.  Monitoring  SNMP 
devices  and  RM0N2  traffic.  Local  and  remote 
device  mapping.  And  more.  It's  the  perfection 
of  Network  Supervision. 


See  what  you've  been  missing. 

For  a  free  network  evaluation 
and  demonstration  on  your  own 
network,  call  us  at  1-800-283-5853 
(U.S.  and  Canada)  or  425-446-4519. 
Or,  go  to  www.flukenetworks.com/ 
networkanalysis 


NETWORKSUPERVISION™ 
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■  SERVICE  PROVIDER  DEVELOPMENTS 

AT  THE  JUNCTURE  BETWEEN  THE  ENTERPRISE 
AND  THE  NEW  PUBLIC  NETWORK 


Optical  players  target  metro  area 


Market  snapshot 


Nortel’s  and  Cisco’s  positions  in  SONET  add/drop  multiplexing  (ADM) 
and  multiservice  transport. 


SONET/SDH  ADMs,  Q2  2002 

Worldwide  revenue: 

$903.5  million 
Vendor  share: 

Others  10.1% 

ECI  Telecom  1  % 


NEC 

4.3% 

Marconi 

10.3% 

Nortel 

12.2% 

Fujitsu 


Lucent 

21% 


Alcatel 

14.4% 


SONET  Multiservice  platforms,  Q2  2002 
Worldwide  revenue:  $336.3  million 

Vendor  share: 

Redback  .3%s  Others  8.2% 

Sycamore  .5% 

Lucent  1.2% - 
Ciena  1 .8%  — 

Fujitsu  5.4%  i  v  Alcatel 
ECI  Telecom  7.7% 


SOURCE:  DELL'ORO  GROUP 


■  BY  JIM  DUFFY 

DALLAS  —  Despite  the  downturn  in  the 
telecom  industrysome  leading  vendors  are 
attempting  to  hit  the  few  hot  spots  in  the 
market  with  products  designed  to  con¬ 
vince  carriers  of  the  revenue  and  cost-sav¬ 
ings  potential  inherent  in  new  investments. 

Cisco  and  Nortel  unveiled  two  such  offer¬ 
ings  at  a  downcast  National  Fiber  Optic  En¬ 
gineers  Conference  2002  last  week.  The 
companies  rolled  out  enhancements  and 
extensions  to  their  portfolios  for  metropoli¬ 
tan-area  SONET  networks,  one  of  the  flick¬ 
ering  stars  in  a  telecom  constellation  that’s 
gone  dim  over  the  past  18  months. 

Cisco  announced  a  SONET  grooming 
switch  described  as  a  “bigger  brother”  to  its 
popular  ONS  15454  metropolitan  transport 
system.The  new  ONS  15600  is  designed  for 
high-density  aggregation  switching  of 
SONET/SDH  traffic  collected  from  multiple 
ONS  15454  rings. 

A  key  feature  of  the  ONS  15600  is  its  abili¬ 
ty  to  groom  traffic  at  the  52M  bit/sec 
STS-1  level,  which  makes  more  efficient  use 
of  bandwidth  by  packing  SONET  rings  with 
more  traffic. 

Meanwhile,  Nortel  added  Gigabit  Ether¬ 
net  service  interfaces  to  its  OPTera  Connect 
DX  SONET/SDH  switch. The  dual-port  Giga¬ 
bit  Ethernet  interfaces  let  the  DX  support 
32  ports  per  bay  for  Ethernet-over-SONET 
aggregation  and  switching  in  the  metropol¬ 
itan  core. 

Nortel  says  the  DX  enhancements  will 
help  position  the  switch  away  from  its  tra¬ 
ditional  niche  in  the  depressed  long-haul 


Takes 


■  Santera  Systems  last  week 
announced  that  its  flagship  Class  5 
switching  product  has  completed  the 
Telcordia  Operations  Systems 
Modifications  for  the  Integra¬ 
tion  of  Network  Elements  Ser¬ 
vices  process.  By  completing  the 
Telcordia  OSMINE  Services  process, 
Santera's  SanteraOne  product  can 
integrate  into  the  regional  Bell  oper¬ 
ating  companies'  customer  service 
order/switch  provisioning  and  moni¬ 
toring/troubleshooting  systems. 


market  —  where  the  fiber/bandwidth  glut 
is  most  prevalent  —  and  into  the  metro¬ 
politan  network. 

“The  metro  area  is  the  hot  area,” says  Deb 
Mielke,  principal  atTrelliage  Network  Strat- 
egies.“it’s  certainly  not  long-haul  right  now!’ 

Cisco  says  the  metro  area  just  got  hotter 
with  the  introduction  of  the  15600.The  STS- 
1  switch  combines  the  functions  of  a 
SONET  add/drop  multiplexer  (ADM)  with 
an  optical  cross-connect,  says  Dave  Lively 
senior  manager  of  optical  strategies  at 
Cisco.  This  helps  service  providers  save 
money  by  eliminating  the  need  for  multi¬ 
ple  ADMs  at  the  core  central  office  to 
aggregate  rings  from  the  edge,  he  says. 

The  15600  supports  128  OC-48  interfaces 
and  320G  bit/sec  of  switching  capacity  per 
shelf.  Three  shelves  can  fit  into  one  tele¬ 
phone  company  rack. 

Sixty-four  protected  rings  can  be  config¬ 
ured  with  the  switch. For  SONET,  it  supports 
unidirectional  path  switched  ring  and  bidi¬ 
rectional  line  switched  ring  configurations. 

Lively  says  that  through  some  Cisco  inno¬ 
vation  in  cooling,  each  slot  in  the  15600  is 
160G  bit/sec-capable,  meaning  a  shelf  can 
achieve  a  total  system  throughput  of  1.28 
terabit/sec,  or  4  terabit/sec  per  rack.  These 
same  innovations  let  the  15600  achieve 


■  BY  JIM  DUFFY 

SAN  JOSE  —  Cisco  last  week  unveiled 
products  designed  to  boost  the  perfor¬ 
mance  of  its  routers  and  enhance  the  man¬ 
agement  of  Cisco-built  networks. 

The  company  rolled  out  a  processor  for 
its  7200-series  router  that  more  than  dou¬ 
bles  the  processing  power  of  the  line  and 
yields  performance  of  up  to  1  million  pack¬ 
et/sec.  Cisco  also  announced  three  soft¬ 
ware  modules  for  its  Internet  operations 
support  system  (OSS)  suite  designed  to  let 
service  providers  activate  services  faster, 
and  enhance  traffic  monitoring  and 
accounting. 

The  new  processing  engine  for  the  7200 
series  is  called  the  Network  Processing 
Engine  G1  (NPE-Gl).It  is  a  700MHz  Broad¬ 
com  BCM1250  processor  module  that  slips 


restoration  times  of  15  msec  to  25  msec,  vs. 
SONET’s  50  msec  restoral,  Lively  says. 

The  15600  is  optimized  for  existing 
SONET/SDH  investments  that  support  rev¬ 
enue  generation  from  circuit-based  TDM 
traffic,  Lively  says. 


into  the  CPU  slot  of  the  7200, and  can  be  in¬ 
stalled  in  the  field  as  an  incremental  up¬ 
grade  to  the  7200  VXR  chassis. 

The  NPE-G1  provides  a  140%  increase  in 
processing  power  over  the  previous  gener¬ 
ation  NPE-400.The  horsepower  of  the  NPE- 
G1  will  enable  service  providers  to  deploy 
the  7200  for  high-performance  security  ser¬ 
vices,  bandwidth  and  traffic  management, 
converged  voice,  video  and  data,  Multi-pro¬ 
tocol  Label  Switching  (MPLS)  and  IPv6 
applications,  Cisco  says. 

The  NPE-G1  also  doubles  the  amount  of 
dynamic  random-access  memory  on  the 
7200,  up  to  1G  byte. This  lets  the  7200  sup¬ 
port  more  routing  tables  and  access  con¬ 
trol  lists. 

The  NPE-G1  also  offers  three  built-in 
10/1 00/ 1 000M  bit/sec  Ethernet  ports  for 

See  Cisco,  page  46 


The  15600  is  in  trials  at  US  Signal  and 
Looking  Glass  Networks,  and  Lively  says 
Cisco  is  in  discussion  with  regional  Bell  op¬ 
erating  companies  and  incumbent  local 
exchange  carriers  (ILEC)  on  some  possi¬ 
ble  15600  opportunities  in  their  networks. 

Analysts  say  these  carriers  might  listen. 

“It  fills  a  gap,”  Mielke  says.They  needed  a 
box  to  work  in  between  metro  concentra¬ 
tion  points,  to  concentrate  big  metro  sys¬ 
tems  for  the  ILECs  and  the  bigger  guys. 
That’s  what  this  does.” 

Lively  says  the  15600  will  compete  most 
directly  with  digital  and  optical  cross  con¬ 
nects  from  vendors  such  as  Ciena  and  Nor¬ 
tel.  Some  observers  say  it  will  compete  ag¬ 
gressively  with  Ciena’s  CoreDirector  Cl. 

It  also  might  bump  up  against  Nortel’s  DX, 
which  gained  optical  Ethernet  capabilities 
with  the  addition  of  the  Gigabit  Ethernet 
interfaces.These  enhancements, combined 
with  the  DX’s  existing  integration  of 
SONET/SDH  ADM,  cross-connect  and 
dense  wavelength  division  multiplexing 
capabilities,  can  save  service  providers  45% 
to  55%  in  capital  and  operational  expendi¬ 
tures,  respectively  Nortel  says. 

“Carriers  are  targeting  Ethernet  services 
as  a  growth  opportunity’  says  Sterling  Per¬ 
rin,  an  analyst  at  IDC  .“I  wouldn’t  expect 
that  [the  DX]  is  going  to  be  an  Ethernet 
box,  by  and  large,  but  there  are  carriers 
that  are  going  to  deploy  some  Ethernet 
functionality  off  of  it.  And  a  lot  of  carriers 
are  going  to  at  least  want  that  kind  of  a 
road  map  there.”  ■ 


Cisco  pumps  up 
router  performance 
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Nortel  vet  takes  dive 
into  rough  VC  waters 


Anil  Khatod  brings  a  unique  perspective  to  his  new 
job  as  a  venture  capitalist  at  Atlas  Venture:  about  20 
years  working  at  Nortel  in  numerous  capacities,  rang¬ 
ing  from  group  president  of  Global  Internet  Solutions 
to  chief  marketing  and  strategy  officer.  His  job  at  Atlas 
is  twofold:  help  the  company  identify  new  companies  that  can  sell  into 
the  carrier  and  enterprise  network  markets;  and  figure  out  the  best  direc¬ 
tion  for  some  of  the  companies  already  in  the  Atlas  portfolio.  He  recently 
spoke  with  Network  World  News  Editor  Bob  Brown  about  the  chal¬ 
lenges  and  opportunities  of  investing  in  today's  network  industry. 


Investing  in  the  telecom  industry  can't  be  a  very  easy  job  today,  can  it? 

It  is  not,  per  se.A  lot  of  people  ask  me  what’s  hot  these  days,  and  nothing’s  hot. 
But  there’s  always  room  for  the  right  technology  in  just  about  any  space.  I  was 
with  engineering  people  from  two  big  carriers  last  week  listening  to  where  they 
think  the  next  pain  points  are  in  the  network.That’s  a  useful  thing  to  do  to  see  if 
we  can  mold  existing  portfolio  companies  to  do  those  things  or  if  there’s  a 
unique  opportunity  for  new  ones. 

What  were  they  saying? 

For  the  most  part,  they  are  going  to  be  in  hibernation  for  the  next  couple  of 
years.  But  they  did  go  through  their  priorities  and  plans.  For  Verizon,  for  exam¬ 
ple,  DSL  remains  a  very  top  priority. There  are  opportunities,  not  necessarily  for 
products  that  get  delivered  in  six  months  but  perhaps  in  a  year  or  two. 

What  sort  of  business  plans  are  you  seeing? 

I’ve  seen  surprisingly  many  optical  business  plans  for  the  metro  and  long-haul 
[networks]. I’ve  seen  a  lot  of  component  plans, which  is  probably  an  area  that  has 
some  opportunity  I’ve  seen  software  and  a  few  wireless  plans.These  are  both  in 


the  carrier  and  enterprise  spaces. 

Where's  the  activity  in  the  enterprise? 

The  enterprise  market  looks  a  little  better  than  the  carrier  market.The  focus  is 
on  making  data  centers  more  efficient.  Enterprises,  when  it  comes  to  wide-area 
networking,  are  looking  more  at  Ethernet-type  applications. 

Are  there  still  opportunities  in  optical? 

I’m  very  cautious  about  optical.  I  cannot  generalize  and  rule  something  out, 
because  there  could  be  something  interesting  in  that  space,  but  you’re  not  likely 
to  see  us  investing  wholesale  in  any  optical  set  of  companies. There  are  oppor¬ 
tunities  in  niches,  in  components  and  the  metro  side. There’s  not  a  lot  of  oppor¬ 
tunity  in  the  ultra-long-haul  business. 

While  many  of  the  newer  carrier  equipment  companies  have  struggled,  it's  not  like  they 
haven't  sold  anything.  Are  we  seeing  any  fruits  of  the  technologies  they've  developed,  in 
terms  of  new  services? 

To  some  degree,  yes.  Has  it  been  as  successful  as  hoped  for?  No.  There  are 
metro  [dense  wave  division  multiplexing]  services,  like  from  SBC  Commun¬ 
ications.  Nortel  had  bought  a  company  a  few  years  back  called  Cambrian  that 
has  done  very  well  with  its  OPTera  metro  products. There’s  definitely  been  a 
shift  in  the  architecture  underlying  services  offered  to  enterprises  over  the  last 
three  years. 

I'm  thinking  you’re  probably  not  the  most  objective  person  in  the  world  to  ask  about 
Nortel,  but  what's  your  take  on  that  company's  situation? 

I’m  reasonably  objective.  Nortel,  like  any  major  incumbent,  is  going  through  a 
difficult  period  but  working  to  get  its  break-even  point  down  dramatically.  What 
the  company  has  going  for  it  is  a  huge  customer  base  and  solid  wireless  busi¬ 
ness.  There’s  huge  demand  for  [Code  Division  Multiple  Access]  equipment,  and 
Nortel  is  one  of  the  largest  suppliers.  All  these  incumbents  are  going  to  make  it. 
It’s  hard  for  me  to  see  a  company  with  such  a  sizeable  installed  base  going  any¬ 
where,  though  everyone  can  make  dumb  mistakes. 

What's  Nortel's  biggest  challenge? 

It’s  not  just  Nortel  but  across  the  large  companies.  Lucent  has  the  same  issues. 
One,  how  can  they  break  even  fast  enough. The  business  is  continuously  shrink¬ 
ing  for  all  the  suppliers  and  they  have  to  cut  costs  fast  enough  to  make  money 
at  a  much  lower  volume.  And  two,  they  can’t  solve  all  their  problems  by  cutting 
costs.They  have  to  get  better  at  capturing  and  keeping  customers  to  gain  mar¬ 
ket  share.  ■ 


Performance  management 

Enhancements  to  Cisco’s  7200  router  and  operations 
support  system  (OSS)  software  ... 

For  the  7200: 

•  Network  Processing  Engine  G1  (NPE-G1). 

•  Field  upgrade  to  the  7200VXR. 

•  More  than  doubles  processing  performance. 

•  Higher  performance  security,  quality  of  service,  converged 
voice,  video  and  data,  MPLS  and  IPv6  services. 

•  Three  built-in  10/100/1000M  bit/sec  Ethernet  ports. 

For  Internet  OSS: 

•  Three  domain  managers:  Cisco  Mobile  Wireless  Center, 
Broadband  Access  Center  and  Packet  Telephony  Center. 

•  Handle  provisioning,  service-level  monitoring  and  service- 
level  accounting  functions. 

•  Can  be  used  as  stand-alone  applications  or  subsystems  for 
integration  into  existing  OSS  infrastructures. 


Cisco 

continued  from  page  45 

LAN  connectivity.  The  integral, 
dedicated  LAN  ports  frees  up 
other  ports  on  the  7200  for  band¬ 
width. 

LAN  ports  are  copper  RJ-45  and 
fiber  gigabit  interface  converters, 
the  latter  specifically  for  gigabit 
connectivity 

Separately,  Cisco  also  announ¬ 
ced  new  software  support  for 
hardware-accelerated  features  on 
its  7300  series  routers,  such  as 
MPLS,  MPLS  VPNs  and  network 
address  translation  (NAT).  These 
enhancements  help  position  the 
router  as  an  option  for  remote  ser¬ 
vice  provider  point-of-presence 
applications,  Cisco  says,  where 
MPLS,  VPN  and  NAT  services  are 
initiated  at  points  closest  to  the 
enterprise  customer. 

The  NPE-G1  is  available  and 
costs  $15,000.  The  software  fea¬ 
tures  for  the  7300series  router  are 


currently  available. 

For  management,  Cisco  rolled 
out  three  domain  managers  for  its 
Internet  OSS  software  application 
suite:  Mobile  Wireless  Center, 
Broadband  Access  Center  and 
Packet  Telephony  Center.  They 
provide  element  and  service-level 
management,  specifically  focus¬ 
ing  on  provisioning,  service-level 
monitoring  and  service-level 
accounting  functions. 

The  domain  managers  also  can 

<  u  s  /  „ 

ok  '  O 


More  online! 

See  what  progress  Cisco  announced  for  its 
OSS  portfolio  at  SuperComm. 

DocFinder  2328 


be  used  as  stand-alone  applica¬ 
tions  or  as  subsystems,  letting  in¬ 
dependent  software  vendors,  sys¬ 
tems  integrators  or  customers  in¬ 
tegrate  their  applications  and  net¬ 
works  into  existing  OSS  infra¬ 
structures,  Cisco  says. 

The  Mobile  Wireless  Center  pro¬ 
vides  specific  tools  and  services 
to  support  mobile  wireless  de¬ 
ployment,  such  as  flow-through 
provisioning  of  Radio  Access  Net¬ 
work  transport  networks  built  on 
Cisco  hardware. 

The  Broadband  Access  Center 
provides  a  single  management 
system  for  cable,  DSL,T-1,  broad¬ 
band  aggregation  and  voice-over- 
IP  (VoIP)  over  Ethernet  access 
technologies. 

The  Packet  Telephony  Center 
provides  voice  network  manage¬ 
ment  to  help  accelerate  packet- 
voice  service  deployment,  Cisco 
says.  It  supports  call  agents,  gate 
way  devices  and  automated  man¬ 
agement,  and  lets  VoIP  networks 


to  co-exist  with  the  public 
switched  telephone  network, 
Cisco  says. 

The  new  domain  managers  are 


available  now.  Pricing  depends 
on  number  of  units  and  ranges 
from  $25,000  into  the  millions  of 
dollars.  ■ 
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H.263  compresses  video  over  IP 


■  BY  RAY  PATALANO 

Whether  it’s  the  convenience  of  holding 
face-to-face  meetings  globally  or  the  value 
of  watching  remote  assets  from  a  central 
office  locally  the  potential  of  video  over  IP 
is  growing.  Physical  security  and  public 
safety  organizations  are  driving  the  de¬ 
mand  to  implement  enhanced  digital 
video  tools, and  technology  now  allows  for 
migrating  those  tools  onto  a  communica¬ 
tions  network. 

You  don’t  need  to  upgrade  your  network 
to  Gigabit  Ethernet  to  transmit  video  over 
IP  because  video  compression, specifically 
the  H.263  standard,  provides  a  cost-effec¬ 
tive  alternative  to  increased  bandwidth. 

In  the  world  of  video  compression  there 
are  two  types  of  choices:  proprietary  com¬ 
pression  algorithms  created  by  several 
manufacturers,  and  standards-based  tech¬ 
nologies  such  as  H.263  and  the  Moving 
Pictures  Experts  Group  (MPEG)  family, 
including  Motion  JPEGs. 

There  are  options  in  each  category  al¬ 
though  the  actual  application  —  be  it  secu¬ 
rity,  e-learning  or  videoconferencing  —  will 
drive  the  decision. The  two  most  popular 
standards-based  technologies  are  Motion 
JPEG  and  H.263. 


Got  great  ideas 


■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you’ve 
got  one  and  want  to  contribute  it  to  a 
future  issue,  contact  Features  Editor 
Neal  Weinberg  (nweinberg@  nww.com). 


H.263  video  compression 


H.263  video  compression  technology  lets  you  send  high-quality  video  at 
low  bandwidths. 

© 

The  gateway  sends  the  video  stream  to  the  WAN  routers, 
which  send  it  across  the  WAN  to  the  central  site. 


WAN  router 


Video  gateway 
converts  analog  input 
into  digital  packets  and 
compresses  the 
packets  using  the  H.263 
standard. 
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WAN/public 
switched  telephone 
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Remote  site 

Video  gateway 


Central  site 


Analog  video 
cameras  at  a  remote 
site  send  video 
stream  to  video 
gateway. 
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Surveillance  station 
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In  the  remote  surveillance  scenario, 
the  video  is  then  viewed  at  a  surve¬ 
illance  station. 


Motion  JPEG 

Commonly  known  as  MJPEG,  this  com¬ 
pression  algorithm  is  a  distant  cousin  of 
the  MPEG  and  is  commonly  seen  in  digital 
video  recorders.Typically,  MJPEG  is  used  in 
the  physical  security  environment  to  trans¬ 
late  analog  video  from  closed  circuit  tele¬ 
vision  cameras  into  a  digital  stream  to  be 
stored  onto  a  hard  drive. 

MJPEG  has  the  capability  to  send  very 
high-quality  pictures,  but  it  requires  an 
enormous  amount  of  bandwidth  —  as 
much  as  a  T-l  circuit  —  to  produce  full- 
motion  video.  MJPEG  does  not  use  inter¬ 
frame  coding,  unlike  MPEG, and  is  easier  to 
edit  with  a  nonlinear  editor. 


However,  MJPEG  images  are  among  the 
largest  to  store  on  a  digital  medium  and  re¬ 
quire  large  amounts  of  disk  space  to  meet 
the  needs  of  most  businesses  today  It  is  per¬ 
haps  the  most  inefficient  coder/  decoder 
(codec)  to  use  in  an  application  such  as 
physical  security  where  the  camera  needs 
to  be  on  for  extended  periods  of  time. This 
technology  is  better  for  applications  when 
a  “snapshot”  photo  is  the  desired  outcome. 

H.263  lets  users  scale  bandwidth  usage 
and  can  achieve  full-motion  video  (30 
frames  per  second)  at  speeds  as  low  as 
128K  bit/sec.  With  its  flexibility  and  band¬ 
width  and  storage  savings,  H.263  has  a  low 
total  cost  of  ownership  and  provides  a 
quick  return  on  investment. 


H.263  was  developed  to  stream  video  at 
bandwidths  as  low  as  20K  to  24K  bit/sec 
and  was  based  on  the  H.261  codec,  but  as 
a  general  rule,  it  requires  half  the  band¬ 
width  to  achieve  the  same  video  quality 

Originally  designed  as  the  standard  for 
videoconferencing  over  ISDN,  H.261  intro¬ 
duced  features  such  as  motion  prediction 
and  block  transformation.This  allowed  for 
a  smoother  picture  with  good  quality,  but 
was  limited  in  the  amount  of  motion  it 
could  handle.  Also,  H.261  used  a  large 
amount  of  bandwidth  (64K  to  2M  bytes) 
and  was  targeted  primarily  at  circuit- 
switched  networks. 

H.263  has  largely  replaced  H.261.  As 
H.263  became  popular  because  of  its 
high-quality  video  at  low  bandwidths,  the 
standard  was  annexed  and  updated  nine 
times.  IT  managers  can  feel  comfortable 
placing  it  on  their  data  networks,  without 
increasing  bandwidth  and  storage  costs, 
or  interrupting  other  critical  voice  and 
data  applications  already  running  on  the 
network. 

The  H.263  algorithm  also  can  be  modi¬ 
fied  by  today’s  more  savvy  developers  to 
produce  better  results  and  better  com¬ 
pression  schemes,  which  in  turn  gives  end 
users  more  choices  in  selecting  the  im¬ 
plementation  that  best  fits  their  business 
applications. 


Patalano  is  director  of  IP  Video  Solutions 
at  Vanguard  Managed  Solutions.  He  can  be 
reached  at  aypatalano@vanguardms. 
com. 
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Dr.  Internet  By  Steve  Blass 

In  your  response  about  using  Address  Resolution 
Protocol  to  find  an  IP  address  from  the  media 
access  control  address  (www.nwfiision.com, 
DocFinder:  2329)  -  surely  ARP  finds  the  MAC 
address  of  the  device  with  the  given  IP  address. 
Reverse  ARP  goes  the  other  way,  but  is  initiated  by 
the  device  with  the  unknown  IP  address,  which 
queries  a  server  with  a  MAC  address  to  the  IP 
address  mapping  table,  which  wouldn't  work  for 
us.  How  do  you  use  ARP  to  query  a  host  for  its  IP 


address,  addressing  it  by  its  MAC  address? 

From  a  PC  or  a  Unix  command  you  can  use  the 
command  arp  -a  to  list  the  contents  of  the  ARP 
cache.  Pipe  that  to  a  filter  that  matches  on  the 
MAC  address  you’re  looking  for  and  then  split  out 
the  assigned  IP  address.  This  is  not  a  method  for 
using  ARP  to  directly  query  the  device:  it  is  a 
method  for  using  the  artifacts  that  the  protocol 
traffic  leaves  behind  to  track  down  the  device. 


Even  better,  use  the  iproxy  package  available  at 
www.vergenet.net/linux/iproxy/  that  shows  how  to 
build  broadcast  listening  services  useful  for  auto¬ 
matic  device  configuration,  and  how  to  provide 
connection-oriented  TCP  services  using  connec¬ 
tionless  UDP  broadcast  and  multicast  protocols. 

Blass  is  a  network  architect  at  Change(a>Work 
in  Houston.  He  can  be  reached  at  dr.internet 
@changeatwork.com. 
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It  turns  out  that  we  misunderstood  the 
Microsoft  Knowledge  Base  article  we 
quoted  in  the  first  of  our  recent  cookie 
columns  (www.nwfusion.com, Doc- 
Finder:  2331). 

We  wrote  that  “2038  is  often  the  maxi¬ 
mum  year  used  [as  the  expiration  year  for 
a  cookie]  for  a  really  dumb  reason:  Active 
Server  Pages  in  Microsoft  Internet  Infor¬ 
mation  Server  3.0  and  4.0  and  Microsoft 
Internet  Information  Services  5.0  have  a 
small  bug  that  causes  an  error’’ 

Among  other  readers,  longtime  corre¬ 
spondent  and  supplier  of  jokes,  Phil  Daley 
dropped  us  a  note:  “You  make  this  sound 
like  a  Windows  problem,  but  it  is  actually  a 
Unix  problem  —  time_t  is  an  int  and  has 
been  since  Unix  was  invented.  That’s  why 
they  started  the  clock  on  1/1/70.” 

Indeed.  Here’s  the  logic:  The  variable 
time_t,  which  records  the  number  of  sec¬ 
onds  elapsed,  is  considered  to  have  been 
zero  at  00:00:00  on  01/01/70.This  variable  is 
a  long  “int”  —  an  integer  represented  by 
four  bytes  divided  into  a  value  of  31  bits 


Cookies  get  weird 


with  one  sign  bit. 

This  means  the  highest  value  that  time_t 
can  reach  before  it  becomes  zero  again  is 
2,147,483,648  seconds  or  24,855.1348  days 
or  roughly  68  years.This  equates  to  3:14:07 
a.m.on  Jan.  19, 2038. 

So  it  wasn’t  a  Microsoft  programming 
snafu  as  we  supposed  (which  seemed  a 
likely  conclusion  given  Microsoft’s  wording 
in  the  Knowledge  Base  article)  —  we  sim¬ 
ply  got  it  wrong. We  will  retire  to  a  dark  cor¬ 
ner  and  do  the  sackcloth  and  ashes  thing. 

Another  reader  enquired:  “Concerning 
‘Cookie  crumbs’,  I  have  a  question.  What 
more  information  would  one  need  that 
cannot  be  found  in  the  Local  SettingsV 
Temporary  Internet  Files?” 

More  information?  The  answer  depends 
what  you  want  more  information  about.  If 
we’re  talking  about  cookies  then,  for  exam¬ 
ple, under  Internet  Explorer  on  Windows  XP 
cookies  are  kept  in  the  folder  C:\Doc- 
uments  and  Settings\USERNAME\Cookies 
as  we  discussed  in  the  previous  Gearhead 
cookie  column  (DocFinder:2331). 

If  you  examine  these  cookies  with  the 
tool  we  discussed  last  week  (IECookies 
View  from  Nirsoft),you  can  see  where  PC 
users  have  been  browsing,  or  for  that  mat¬ 
ter,  where  you  have  been  browsing.  If  you 
want  to  keep  your  browsing  habits  private, 
then  you  should  do  some  deleting.  While 
removing  cookies  gets  rid  of  one  log  of 


your  browsing  trail  —  there  are  more 
sources. We’ll  come  back  to  that  topic  later. 

And  note  that  if  you  delete  any  or  all 
cookies,  you  might  be  disabling  automatic 
logon  to  registered  sites  that  use  a  cookie 
to  authenticate  you. Of  course  a  more  para¬ 
noid  viewpoint  is  that  this  is  a  good  thing 
because,  if  a  miscreant  makes  off  with  your 
PC  or  simply  copies  your  cookies,  he  could 
access  any  server  you  were  set  up  to  auto¬ 
matically  log  on  to. 

Now  as  a  Web  site  owner/manager/ 
lackey  you  should  think  about  how  you 
would  support  autologon  using  cookies.  If 
significant  financial  or  privacy  risk  is 
involved  and  you  absolutely  must  have  a 
cookie-based  autologon,  check  the  domain 
or  IP  subnet  location  of  the  user  presenting 
the  cookie.  If  that  location  data  changes, 
then  ask  for  the  user  to  authenticate. 

You  also  should  check  the  browser  iden¬ 
tity:  Valid  users  aren’t  likely  to  suddenly 
change  from  XP  to  98  or  from  OSX  to 
Windows  2000  without  authenticating 
themselves  at  least  once  in  the  normal 
manner. 

Anyway,  back  to  the  question. XP  uses  the 
directory  C:\Documents  and  SettingsV 
USERNAMEVLocal  Settings\Temporary 
Internet  Files  that  the  reader  referred  to  for 
temporary  storage  of  Web  content. 

In  here  you  find  HTML  documents,  Flash 
animations,  GIF  and  JPEG  images  —  a 


copy  of  everything  that  the  browser  has 
used  to  build  every  Web  page  it  has 
retrieved.  You  also  will  find  that  all  the 
cookies  you  can  see  in  the  folder 
C:\Documents  and  Settings\USERNAME\ 
Cookies  also  are  here! 

This  is  more  nefarious  Microsoft  systems 
programming  sleight-of-hand. What  you  see 
in  these  directories  are  not  all  real  files  — 
some  are  links  that  are  derived  from  the 
contents  of  index  files  and  presented  as  if 
they  are  files. 

If  you  use  Windows  Explorer  and  double 
click  on,  say,  a  JPEG  image  in  the 
Temporary  Internet  Files  subdirectory,  a 
warning  will  be  displayed  saying 
“Running  a  system  command  on  this  item 
might  be  unsafe.  Do  you  wish  to  contin¬ 
ue?”  At  this  point  you  may  be  wondering 
what  the  heck  is  going  on.  “What  system 
command?” 

Go  to  the  header  bar  of  the  right  pane 
and  right  click.  In  the  context  menu  select 
“Internet  Address”  and  voila!  Each  item  is 
associated  with  the  URL  it  was  down¬ 
loaded  from.  Double  clicking  won’t 
launch  the  program  for  the  associated  file 
type,  it  will  load  Internet  Explorer.  This  is 
not  your  average  subdirectory! 

It  gets  better,  but  you’ll  have  to  wait  until 
next  week.  Weird  links  to  gearhead@ 
gibbs.com. 
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Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


HP  adds  high-end  graphics 
card  to  notebook 

Hewlett-Packard  recently  an¬ 
nounced  its  Compaq  Presario 
2800  notebook,  which  in¬ 
cludes  high-end  graphics  and 
video  features.  The  notebook 
comes  with  ATI’s  Mobility 
Radeon  9000  graphics  card, 
which  will  aid  users  who 
want  to  integrate  video  into 
presentation  software  with¬ 
out  slowing  the  notebook’s 
performance.  HP  says  it 
also  improved  power  man¬ 
agement  to  extend  battery 
life. 

The  notebook  weighs  less  than  6  pounds,  includes  a 
1.7-GHz  mobile  Pentium  4-M  processor,  and  has 
a  30G-byte  hard  drive,  512M  bytes  of  dual  data 
rate,  synchronous  dynamic  random-access 
memory,  a  15-inch  SXGA+  display,  an  8x 
DVD/CD-RW  combination  drive  and  USB  2.0 
support.  Integrated  wireless  options  also  are 
available.The  pricing  for  this  configuration  starts 
at  $2,248.  It  should  be  available  by  the  end  of 
this  month,  HP  says. 


Avocent  combines  analog  KVM  with  A. 

digital  KVM 

Avocent  has  announced  its  AutoView  1000R 
and  2000R,  new  all-in-one  keyboard,  video 
and  mouse  switches  that  combine  analog 
connections  and  Avocent’s  digital  KVM  via  IP 
switching  onto  one  switch.  Avocent s  AVWorks 
software  is  bundled  with  each 
switch  at  no  extra  charge. 

The  company  says  its  new  | 
switches  are  designed  for  com-  ||| 
panies  that  need  to  consolidate  1111 
control  of  multiple  servers  and 
extend  secure  access  to  users  outside  the 
data  center  or  in  remote  offices.The  1000R 
and  2000R  are  16-port  rack-mounted 
switches. 

Each  switch  supports  PS/2,  Sun  or  USB 
ports  via  an  AVR1Q  interface.  The  1000R 
costs  $3,200,  and  the  2000R  costs  $4,200. 
Go  to  www.avocent.com  for  more  details. 


The  Presario  2800  is  designed  to  integrate 
video  in  presentations  without  slowing  down 
the  performance. 
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Avocent's  new  switches  let  companies  consolidate  control  of 
multiple  servers  and  extend  secure  access  to  remote  users. 


Pocketec  ships  60G-byte  portable 
hard  drive 

The  size  of  portable  storage  keeps 
amazing  me.  Just  when  you  thought 
you’d  reached  the  limit,  another  com¬ 
pany  increases  the  space. 

Pocketec  recently  announced  a  60G-byte  version  of  its 


Pockey-DataStor  (it  already  pro¬ 
duces  20G-,30G-  and  40G-byte  ver- 
k  sions).  The  DataStor  measures  5 
i  by  3  by  0.5  inches,  and  requires 
I  no  power  supplies  (it  draws 
J  power  from  the  USB  port).  The 
i drive  is  USB  1.1-  and  USB  2.0-com- 
and  offers  transfer  rates  of 
bit/sec  with  USB  2.0. 

It  is  self-installing  under  Windows 
$000,  ME  and  XPDrivers  are  included 
for  Windows  98  users. The  drive  also 
:  is  compatible  with  Macintosh,  Linux 
:  and  DOS. 

^^KiPriced  at  $400,  it  is  available 
through  retailers.  Custom-colored 
■Eases  are  available  from  Fbcketec  at 

The  Orinoco  AP-2000  "Imrww.pock  etec.net. 

comes  with  VLAN  sup- 

channel  seiSn.'0  Proxim  shiPs  dual-mode  access 
point 

Proxim  is  now  shipping  its  Orinoco  5-GHz  kit  for  the 
dual-slot  Orinoco  AP-2000  to  give  customers  an  upgrade 
to  802.1  la  wireless  LANs. The  company  also  announced 
Release  2.0  software  that  aims  to  ease  installation. 

The  kit  includes  an  802.11a  CardBus  card  that  inserts 
into  one  of  the  slots  of  any  AP-2000  access  point  with 
attached  high-gain  dual-diversity  antennas,  the  company 
says.  The  software  includes  virtual  LAN  support,  ultra 
high-density  cell  size,  and  automatic  channel-selection 
features.  The  VLAN  support  will  enable  simultaneous 
operation  of  two  independent  wireless  networks  on  the 
same  access  point.  The  VLAN  function  works  with  exist¬ 
ing  VLAN  networks. 

The  AP-2000  costs  $900, and  the  5-GHz  kit  costs  $250.  For 
more  information,  go  to  www.proxim.com. 

Shaw  can  be  reached  at  kshaw@nww.com. 


Lots  of  companies  can  sell  you  technology.  CDW  can  configure  your  technology 


to  your  specifications.  From  software  to  servers  to  routers,  we  make  sure  your 
order  is  configured,  tested  and  shipped  just  the  way  you  want  it.  Most  of 
the  time,  even  the  same  day.  So  you  save  time,  gain  peace  of  mind  and  get 
systems  you  can  use,  right  out  of  the  box.  And  we  keep  doing  it,  1500  times 
a  day.  To  find  out  more,  call  or  visit  our  Web  site. 
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EDITORIAL 

John  Dix 

A  cage  for  the 
viruses  that 
get  in 

Although  the  recent  NetWorld+Interop  show  in  Atlanta 
was  unusually  quiet,  one  company  that  made  a 
splash  was  SentryBaya  newcomer  offering  software 
designed  to  prevent  the  spread  of  e-mail  viruses. 

The  start-up  says  the  world  needs  its  product  because, 
even  though  most  organizations  use  antivirus  software, 
we  all  know  that  some  viruses  and  worms  always  man¬ 
age  to  get  in. When  they  do,  SentryBay’s  ViraLock  is  de¬ 
signed  to  prevent  them  from  getting  back  out,  saving  you 
the  embarrassment  of  infecting  customers,  partners  and 
colleagues. 

ViraLock  achieves  this  by  encrypting  e-mail  addresses 
kept  in  Microsoft  Outlook  and  Outlook  Express  (run¬ 
ning  on  Windows  98,  ME,  NT,  2000  and  XP).  SentryBay 
plans  to  add  versions  for  Netscape,  Eudora,  Pegasus 
Mail  and  Juno. 

Most  viruses  that  use  e-mail  to  propagate  arrive  with 
their  own  SMTP  engine,  harvest  your  addresses  and  start 
to  blast  away  Because  ViraLock  encrypts  mail  addresses, 
an  infected  desktop  will  start  generating  nondeliverable 
messages  when  a  virus  tries  to  send  mail,  alerting  users  to 
the  fact  that  something  nefarious  is  going  on. 

Users  can  decrypt  addresses  by  entering  a  password,  but 
otherwise  ViraLock  simply  unscrambles  them  in  back¬ 
ground  mode  as  the  client  mail  program  sends  messages. 
Viruses  that  try  to  use  the  client  program  to  propagate  will 
run  into  another  roadblock:  ViraLock  blocks  distribution  of 
all  messages  with  potentially  problematic  attachments. 
Attachments  that  are  known  to  be  harmless,  such  as  GIFs 
and  JPEGs, are  allowed  through.  But  attachments  with 
extensions  such  as  .EXE,  .DLL  and  .VBE  require  the  user  to 
enter  a  password  before  they  can  be  forwarded. 

Attachments  that  fall  in  the  middle  ground  —  neither 
trusted  nor  known  to  be  dangerous  —  require  user  confir¬ 
mation  before  they  are  sent. 

While  clever  and  potentially  valuable,  one  wonders  if 
companies  will  be  inclined  to  use  software  that  mucks 
with  their  core  mail  systems.  I  imagine  that  would  be  a 
deal  breaker  for  many. 

And  the  other  big  question  is  whether  companies  will  be 
willing  to  let  users  encrypt  addresses  using  personally 
managed  keys.That  could  lead  to  some  interesting  help¬ 
desk  calls. 

But  if  the  thought  of  passing  viruses  on  to  key  business 
partners  gives  you  the  willies, ViraLock  might  be  worth  a 
look. The  downloadable  desktop  product  will  be  available 
Oct.  15  for  $20  (volume  discounts  available), and  Sentry- 
Bay  says  the  server  version  will  be  out  later  this  year  and 
priced  in  the  mid-$20  range. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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Cleaning  up  scumware 

After  reading  the  story  “Critics  decry  spread  of 
‘scumware’  on  the  Web”(www.nwfusion.com,  Doc- 
Finder:  2324),  1  found  it  comical  that  on  download¬ 
ing  the  recommended  removal  utility  Ad-aware  I 
was  prompted  to  also  install  Gator  software.  I  just 
thought  I  would  share  this  little  bit  of  irony 

Michael  Bobo 
Birmingham, Ala. 

Regarding“Critics  decry  spread  of‘scumware’  on  the 
Web”:  Simple,  cheap,  server  appliance  software  lets 
service  providers  charge  content  providers  for 
access  to  subscriber  display  real  estate.  As  was  point¬ 
ed  out  in  the  story  no  modification  or  violation  of 
the  content  providers  copyrighted  content  takes 
place.  Whether  the  original  content  is  displayed  full¬ 
screen  or  in  a  single  pixel  depends  on  how  much 
the  content  provider  or  subscriber  is  willing  to  pay 

Millions  of  AOL  subscribers  know  the  value  of  leas¬ 
ing  screen  real  estate  and  interpolating  highly  gran¬ 
ular  demographic  data  on  behalf  of  content  pro¬ 
viders.  imagine  what  the  Internet  will  be  like  when 
every  access  service  provider  and  wireless  provider 
can  cheaply  and  scalably  replicate  the  business 
model  that  made  AOL  so  successful,  right  down  to 
keyword-enabling  the  browser  address  input,  with¬ 
out  the  need  for  plug-ins, special  browser  software  or 
any  client  modification. 

In  the  new  order  of  pervasive  Internet  availability 
whoever  owns  the  pipes  also  controls  the  display 
real  estate,  and  can  charge  accordingly  The  display 
begins  in  the  access  providers  network  —  scum¬ 
ware  is  a  short-lived  phenomenon.  When  service 
providers  look  past  hauling  bits  and  figure  out  how 
much  power  they  have  over  the  presentation  of  In¬ 
ternet  content,  it  will  mark  the  emergence  of  a  new 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  Editor  In 
Chief,  Network  World,  118  Turnpike  Road,  Southborough,  MA  01772 
Please  include  phone  number  and  address  for  verification. 


era.  And  if  content  providers  want  access  to  sub¬ 
scribers,  they’ll  have  to  have  the  highest  bid. 

Pciul  Frommeyer 
Director 
NetDestiny  Systems 
Austin,  Texas 

RBOGs  and  MPLS 

As  always,  Thomas  Nolle  has  gone  straight  to  the 
heart  of  current  issues  in  the  industry  (“RBOCs.ATM 
and  MPLS,”  DocFinder:  2325).  However,  to  put  forth 
the  statement  that  “the  vendors  won’t  let  [the  RBOCs 
implement  MPLS]”  as  explanation  for  the  RBOCs’ 
lack  of  progress  toward  a  label-switching  architec¬ 
ture  is  a  very  contentious  position. 

Vendors  have  every  reason  to  go  to  a  label¬ 
switching,  packet-based  architecture. The  resource 
consumption  inherent  in  cell-based  transport, 
even  with  the  predictable  increases  in  processing 
capacity,  will  continue  to  impose  an  unacceptable 
(and  perhaps  irresolvable)  burden  on  the  edge 
device,  where  the  function  of  performing  the 
deconstruction/reconstruction  task  familiar  in 
ATM  networks  resides.  Given  the  goal  of  the 
provider  —  to  move  data  most  efficiently  and  eco¬ 
nomically  from  one  point  to  another  —  spending 
expensive  processing  resources  on  translation 
between  packet  and  cell  prevents  those  same 
resources  from  transferring  data. 

I  suggest  the  RBOCs’  reluctance  could  be  financial. 
The  equipment  that  comprises  the  legacy  ATM  infra¬ 
structure  has  been  fully  amortized,  and  thus  rev¬ 
enues  generated  are  at  their  maximum  value.  The 
RBOCs  have  no  incentive  to  make  new  capital 
expenditures  until  some  ancillary  factor  forces  their 
adoption  of  a  new  architecture. 

Robert  Downing 
Senior  marketing  manager 
Larscom 
Milpitas,  Calif. 
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TOTALLY  UNPLUGGED 

Ira  Brodsky 


f  hen  terrorists  struck  our  shores,  we  fi¬ 
nally  understood  our  national  security 
needs  had  changed.  Conventional  mil¬ 
itary  hardware  —  tanks  and  bombers  —  is 
still  required  to  fight  hostile  states.  But  detect¬ 
ing  and  thwarting  terrorists  operating  in  small 
cells  demands  an  entirely  new  set  of  tools. 
Our  government  has  not  done  enough  to  acquire  these  tools. 

We’ve  created  a  new  bureaucracy  formed  committees  and  issued  re¬ 
ports.  We  should  be  rallying  Americas  high-tech  entrepreneurs  to  de¬ 
velop  and  produce  the  intelligent  devices,  ubiquitous  networks  and 
powerful  software  needed  to  stop  terrorists  before  they  strike  again. 

Networks  are  crucial  to  defeating  terrorism.  Overseas,  we  are  using 
networks  to  spy  on  terrorist  groups,  conduct  raids  and  manage  battle¬ 
field  operations.  We  need  to  do  more  at  home,  employing  networks  to 
spot  weapons  of  mass  destruction,  monitor  hazardous  shipments  and 
detect  suspicious  patterns  of  activity 
One  of  our  biggest  fears  is  that  terrorists  will  strike  a  major  population 
center  using  a  “dirty  bomb”  or  even  a  suitcase  nuclear  weapon.  Con¬ 
trary  to  what  some  experts  say, such  attacks  can  be  prevented.  We  need 
to  ensure  all  border  crossings  are  fully  equipped  to  detect  radioactive 
materials,  lead  shielding  and  conventional  explosives.  But  what  if  ter¬ 
rorists  manage  to  sneak  materials  for  assembling  a  suitcase  nuclear 
weapon  or  dirty  bomb  into  the  country  anyway?  We  must  build  net¬ 
works  of  radiation  sensors  around  our  major  cities,  nuclear  power 


Enlisting  networks  to  fight  terror 


plants  and  military  bases. 

Another  concern  is  that  terrorists  might  hijack  a  fuel  truck,  drive  it  to 
a  target  and  blow  it  up. The  technology  to  prevent  this  is  available  now. 
Mobile  satellite  networks  can  track  vehicles  transporting  hazardous 
materials,  remotely  disabling  their  engines  if  they  travel  outside  their 
prescribed  routes.  Regulations  and  tax  incentives  should  be  put  in 
place  to  ensure  all  tank  truck  operators  implement  such  capabilities. 

Networks  also  can  help  prevent  legitimate  shipments  from  being 
stolen.  Freight  containers  can  be  equipped  with  “active”  radio  frequen¬ 
cy  identification  tags  that  transmit  alerts  when  containers  are  opened 
or  removed  from  flatbed  trucks  or  rail  cars. 

Some  types  of  attacks,  particularly  those  involving  biological  agents, 
are  most  effective  when  carried  out  surreptitiously  Networks  can  be 
used  to  spot  disease  patterns  and  detect  suspicious  purchases  that 
might  lead  us  to  terrorists  producing  chemical  weapons  or  explosives. 

We  know  terrorists  use  the  Internet  to  raise  money  and  spread  pro¬ 
paganda.  But  we  are  not  obligated  to  let  them  use  our  communications 
infrastructure  to  plan  and  conduct  attacks.  With  the  right  technology 
and  legal  safeguards,  we  can  eavesdrop  on  terrorists  without  sacrificing 
legitimate  rights  and  privacy  While  terrorists  have  proved  they  can  bor¬ 
row  our  technology  to  commit  evil,  we  have  an  overwhelming  techno¬ 
logical  advantage  —  if  only  we  can  muster  the  will  to  fully  exploit  it. 


Detecting  and 
thwarting  terror¬ 
ists  operating 
in  small  cells 
demands  an 
entirely  new 
set  of  tools. 


Brodsky  is  president  of  Datacomm  Research  in  Chesterfield,  Mo.  He 
can  be  reached  at  ibrodsky@datacommresearch.  com. 


REALITY  CHECK 

Thomas  Nolle 


Early  this  year,  it  looked  like  Chairman 
Michael  Powell’s  Federal  Commun¬ 
ications  Commission  was  on  track  to 
make  substantive  changes  to  the  way  the 
regional  Bell  operating  companies  were  reg¬ 
ulated,  with  the  goal  of  jump-starting  DSL 
deployment  and  overall  modernization  of  the  public  network.  Given 
that  the  RBOCs’  competitors  are  pretty  much  dead  or  dying,  this 
move  seemed  the  only  hope  for  an  industry  in  a  terrible  slump. 

Now,  as  we  enter  fall,  it  looks  like  Powell  got  cold  feet.  When 
WorldCom  tumbled  into  Chapter  1 1 ,  he  apparently  decided  that  pro- 
RBOC  regulatory  shifts  might  further  complicate  WorldCom’s  already 
murky  future  prospects  and  compromise  AT&T  and  Sprint  as  well.  At 
any  rate,  the  FCC  has  been  silent  this  summer,  and  there’s  been  no  real 
progress  in  broadband  modernization. 

Suppose  that  Powell  is  responding  to  fears  of  later  being  accused  of 
driving  the  interexchange  carriers  (IXC)  out  of  business.Two  questions 
then  arise.  First,  is  FCC  foot-dragging  going  to  have  a  negative  affect  on 
the  market  in  2002?  Second,  would  holding  back  on  reform  even  be 
helpful  to  the  lXCs,and  WorldCom  in  particular? 

The  sad  truth  is  that  we’ve  probably  already  lost  as  much  momentum 
on  broadband  modernization  as  we’re  going  to  lose.  The  equipment 
markets  for  this  fall  could  have  been  rejuvenated  by  carrier  investment 
in  broadband  comsumer  services  had  the  FCC  taken  even  basic  steps 
to  give  the  RBOCs  more  incentive  to  invest.These  would  have  included 
declaring  the  Internet  an  information  service  and  offering  the  RBOCs 
immunity  from  having  to  unbundle  elements  of  DSL  infrastructure. 
Even  if  the  FCC  ordered  those  minimal  changes  —  and  more  —  today 
there  would  be  no  hope  of  saving  this  year’s  market. 

What’s  going  to  happen  now  is  that  the  RBOCs  will  chase  the  only 
new-to-them  revenue  sources  remaining:  long-distance  voice  and  data. 
They’ll  start  pursuing  the  business  voice/data  market  on  a  large  scale 
next  year,  which  will  further  erode  IXC  profits. 

That  leads  us  to  the  question  of  whether  the  FCC’s  stonewalling  will 
even  help  WorldCom  and  the  IXCs.How  is  a  market  in  which  RBOCs  try 


FCC  fails  at  regulatory  reform 


to  suck  the  lifeblood  of  IXC  financial  stability  less  likely  to  threaten  the 
IXCs  than  a  market  in  which  the  RBOCs  invest  in  developing  new  con¬ 
sumer  broadband  services?  Could  it  be  that  this  is  politics  again?  Pass 
a  law  or  issue  an  order  that  can  be  made  to  look  like  it’s  threatening 
WorldCom  or  its  cousins  in  the  IXC  space,  and  you’re  accountable.  Do 
nothing  and  threaten  their  stability  even  more,  and  you  can  just  join  the 
other  hand-wringers  who  will  decry  the  industry’s  sad  position  in  2003 
or  2004,  when  all  the  IXCs  are  visibly  unstable. 

It’s  clear  that  the  good  of  the  industry  has  gotten  mired  in  a  combi¬ 
nation  of  partisan  politics  and  lobbying.This  is  the  last  soft-money  year, 
isn’t  it?  Could  it  be  that  politicians  are  reluctant  to  move  on  regulatory 
reform  before  all  the  dollars  are  sucked  out  of  contributor  pockets?  But 
even  if  that’s  so,  the  FCC  should  be  above  all  this. 

IXC  margins  are  reported  to  the  FCC,  and  they’ve  shrunk  consis¬ 
tently  since  1996.  Where  was  the  FCC?  The  current  revenue  crunch 
has  been  predictable  for  anyone  who  wants  to  read  the  record,  and 
the  consequences  just  as  predictable.  Falling  margins  have  converted 
the  stalwart  RBOCs  into  next-to-junk  debt  on  Wall  Street.  Flow  can  an 
industry  of  financial  weaklings  step  up  and  change  the  face  of 
telecommunications? 

This  financial  stress  on  the  major  carriers  has  resulted  not  from  over¬ 
all  economic  conditions,  but  from  lack  of  insight  among  the  regulators, 
or  lack  of  determination  to  do  the  right  thing.  WorldCom,  AT&T  and 
Sprint  are  now  going  to  be  forced  to  focus  on  protecting  their  current 
revenues  —  revenues  the  RBOCs  are  being  forced  to  attack. 
Infrastructure  investment  will  focus  more  on  traditional  services  and 
equipment  than  it  should, and  the  age  of  new  consumer  and  enterprise 
broadband  services  will  be  deferred  until  after  2005. 

I’m  disappointed  in  Washington  in  general,  but  in  Powell  and  his  FCC 
in  particular.  For  all  their  professed  zeal  to  deregulate  the  RBOCs  and 
ignite  the  market,  they’ve  effectively  continued  the  policies  of  the  past, 
and  we’re  now  facing  real  hurt  because  of  their  mistakes. 


It’s  clear  that  the 
good  of  the 
industry  has  got¬ 
ten  mired  in  a 
combination  of 
partisan  politics 
and  lobbying. 


Nolle  is  president  of  CIMI  Corp.,  a  technology  assessment  firm  in 
Voorhees,  N.J.  He  can  be  reached  at  tnolle@cimi  corp.com. 


OUT  OF  CONTROL? 
NOT  ON  OUR  WATCH. 


Introducing  PeopleSoft  Supplier  Relationship  Management.  The  only  solution  to  manage  all  of 
your  enterprise  spend  in  real-time. 

PeopleSoft  SRM  enables  you  to  proactively  control  all  of  your  enterprise  spend— from  direct 
goods  to  indirect  goods  to  capital  assets  to  services.  And  because  you  are  connected  to  all  of  your 
suppliers  over  the  Web,  you  can  manage  it  all  in  real-time,  and  always  act  before  it's  too  late. 

Learn  more  by  visiting  us  at  www.peoplesoft.com/srm  or  call  1-888-773-8277 
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Technology  style.  If  only  choosing  the  right  technology  for  your  company 
was  as  easy  as  picking  a  hairstyle.  Imagine  telling  a  vendor,  “Let  me  try  that 
new  instant-messaging  server  this  time  around,  that  software  I  bought  from  you 
last  month  just  isn’t  doing  it  for  me. Takes  too  much  time  to  boot  up  in  the  morning." 

Of  course,  that  idea  is  as  outrageous  as  the  notion  of  fashioning  your  hair  into  a  beehive  or 
pompadour  for  a  day  at  the  data  center.  Truth  is,  you  need  to  stay  hip  to  the  latest  technology 
trends  without  going  to  extremes. Tomorrow's  coolest  networks  will  be  highly  scalable,  extend¬ 
able,  resilient  and  intelligent.  Your  goals  should  be  to  identify  technologies  that  will  get  your 
network  to  that  ideal  and  to  plot  a  migration  path  to  them. 

Investigating  budding  intrusion-prevention  tools  would  be  worthwhile,  for  example. 

Perhaps  you’ll  even  want  to  push  your  primary  security  vendors  to  get  with  the  buzz. These 
tools,  mostly  from  start-ups,  need  grooming,  but  they're  a  great  start  toward  the  goal  of 
staving  off  hackers. 

Likewise,  watch  what  vendors  are  up  to  regarding  Speech  Application  LanguageTags 
(SALT),  an  emerging  technology  that  supports  spoken  access  to  Web  information.  SALT 
could  come  in  handy  forWeb-based  self-service  and  call-center  applications. 

Your  choices  regarding  these  and  myriad  other  buzzy  technologies  will  determine  whether 
your  network  stays  strictly  utilitarian  or  takes  on  the  resiliency  and  intelligence  that 
make  it  an  enviously  competitive  tool. 

—  Beth  Schultz,  Editor,  Signature  Series,  bschultz@nww.com 

Never-fail  business  services  Page  56. 

Business  impact  management  software  takes  network  management  to  a  new 
level  by  assuring  service  levels  for  business  objectives. 


The  presence  factor  Page  70. 

Just  as  text-based  instant  messaging  begins  to  storm  the  enterprise,  its  next 
incarnation  —  presence  networking  —  takes  shape. 


From  intrusion  detection 
to  intrusion  prevention  Page  72. 

A  new  breed  of  security  tools  for  stopping  intruders 
shows  promise,  but  can't  be  entirely  trusted  yet. 
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In  the  spin  cycle  Page  84. 

Take  a  quick  whirl  through  six  emerging  technologies  working  up  real  buzzes. 


Buzz  online: 

Head  to  www.nwfusion.com/buzz/2002/ 

for  more  Buzz. You’ll  find  our:  Networking  Encyclopedia,  featuring 
definitions  of  more  than  200  technology  terms;  research  pages,  for  educating 
yourself  on  the  network  technologies;  and  audio  primers,  providing  updates  on 
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Shakin’  on  the  SALT  Page  62. 

The  proposed  SALT  standard  for  speech-enabling  Web  content 
promises  to  make  self-service,  call  center  and  other  such 
applications  more  appetizing. 


Securing  Web  services  Page  64. 

With  three  standards  bodies  cooking  up  more  than  a  dozen  Web  services  security 
protocols,  overlap  and  confusion  is  inevitable —  but,  fortunately,  not  everlasting. 

Application  integration  aspirations  Page  68. 

Enterprise  application  integration  vendors  have  entered  the  business  process  manage¬ 
ment  fray  with  integrated  wares,  but  some  question  whether  that  approach  is  feasible. 
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Business  impact  management  software 
takes  network  management  to  a  new  level 
by  assuring  service  levels  for  business 
objectives. 
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hen  a  persistent  application  failure  threatened  to  ruin  a  business  partnership  for  Zurich  Life.  IT 
executive  Timothy  Hagn  turned  to  a  new  type  of  software  that  manages  business  services  across 
networks,  systems,  servers,  applications  and  databases.  Now  when  that  application  starts  going 


bonkers,  Hagn  can  straighten  it  out  before  the  business  partner  knows  anything  is  amiss. 


When  Hagn  bought  Hewlett-Packard's  Open  View 
Service  Navigator  to  solve  the  business  problem  in 
early  2001,  the  vice  president  of  IT  operations  and 
engineering  at  Zurich  Life  didn’t  realize  he  was  par¬ 
taking  in  what  has  become  one  of  the  hottest  trends 
to  hit  the  network  management  industry.  HP’s  software 
is  among  a  growing  number  of  tools  that  fall  under 
the  new  business  impact  management  (B1M)  cate¬ 
gory.  These  tools  come  by  their  name  because  they  let 
IT  managers  incorporate  business  objectives  into  their 
network  management  software. 

Because  B1M  can  ease  communication  of  business 
needs  to  IT  staff,  it  promises  to  help  improve  a  compa¬ 
ny’s  partner  and  customer  relationships,  and  increase 
employee  productivity.  BIM  proponents  even  go  so  far 
as  to  say  the  software  can  save  and  make  money  for 
companies. 

Yet,  like  anything  new,  BIM  needs  polishing.  While 
BIM  software  can  correlate  the  performance  of  many 
elements  so  they  can  be  managed  as  a  single  business 


“Now  we  can  tell  who  in  terms  of  applications  and  return  on  investment  and  total  cost  of  ownership  of  the 

what  in  terms  of  servers  are  affected  by  an  outage  or  IT  infrastructure  in  response  to  internal  corporate  pres- 

device  failure.”  sures. 


What’s  more,  the  BIM  tool  has  helped  the  IT  team 
increase  its  services  to  students  and  faculty  while 
maintaining  its  current  staff  size. 

The  short  and  sweet  of  it  is,  Smarts  can  spot  a  prob¬ 
lem  with  amazing  accuracy,  and  we  didn't  have  to  hire 
another  systems  administrator  to  use  it,”  says  Brian 
Jones,  manager  of  network  engineering  and  opera¬ 
tions  at  the  school. 


Beyond  technology  metrics 

As  Hagn  and  the  team  at 
Virginia  Tech  will  attest.  BIM 
can  aggregate  and  correlate 
performance  data  such  as 
response  time  across  network 
devices,  systems,  databases,  and 
Web  and  applications  servers.  And 
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“BIM  tools  have  picked  up  in  popularity  more 
recently  because  the  business  side  of  the  house  is 
demanding  it,” says  Glenn  O'Donnell,  a  research  direc¬ 
tor  with  Meta  Group. 

More  than  just  software 

While  features  vary  among  vendors,  BIM  software  is 
an  add-on  to  a  network  management  system.  Network 
managers  install  the  software  on  a  dedi¬ 
cated  server  usually  adjacent  to  the  net- 
LS  work  management  server. Then  IT 

creates  n  id  els  of  the  business- 

order  entry  and  customer-facing 
V  applications,  it  wants  to  manage. 

These  models  are  virtual  topologies 
Of  all  elements,  including  user  desk- 


service,  it  can  cost  a  lot  and  take  considerable  hands- 
on  configuration  to  prove  its  worth  in  specific  busi¬ 
ness  environments. 

Still,  for  Hagn,  tracking  service  levels  across  what  he 
calls  the  silos  of  network  management  —  networks, 
systems, servers,  applications  and  databases  —  has 
become  a  business  strategy.“lt’s  a  move  from  reacting 
to  problems  to  proactively  controlling  how  we  deliver 
service,”  hfe  says.  ' 

IT  managers  at  Virginia  Polytechnic  Institute  and 
State  University  in  Blacksburg  say  the  same. Since 
deploying  Smarts’  IhCharge  Application  Services 
Manager  in  May  2001,  the  IT  team  there  has  stopped 
chasing  down  "red  icons”  and  started  “intelligently  iso- 


-  v  ...  lating  problems,” says  Carl  I  larris,  director  of  network 

engineering  and  operations  at  Virginia  Tech. 


.v,  \  “In  the  past,  we  found  out  about  problems  and  who 

i  ■■  :  was  affected  in  sort  of  an  ad  hoc  fashion;  there  was  a 


lot  of  guessing  and  a  lot  of  phone  calls,”  1  larris  says. 


unlike  its  first  cousin,  service-level 
management  software  (see  related 
story,  page  58), a  BIM  tool  can  man¬ 
age  across  these  elements  in  real 
time  and  monitor  hardware  and 
software  for  more  than  technology 
metrics. 

The  earliest  BIM  product  became 
available  in  1997,  when  Managed 
Objects  released  its  Formula  soft¬ 
ware  as  a  “business  services  manage¬ 
ment”  tool.  But  the  BIM  buzz  really 
didn’t  start  until  this  April,  when 
IBM’s  Tivoli  software  division  coined 
the  phrase  with  the  release  of  its 
Service  Level  Analyzer  product. 

BIM  tools  have  become  a  vendor 
focus  this  year  in  the  down  economy. 
Companies  are  concentrating  on 
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...of your 
BIM  tool  vendors 


•  Does  the  software 
include  modeling 
technology  that  will  let 
me  create  a  topological 
map  of  the  elements, 
including  user  desktops, 
that  a  business  process 
uses  to  complete  its 
service  delivery? 


•  How  long  will  it  take  to 
get  the  software 
installed  and  providing 
results? 


•  How  much  manual 
input  will  be  required  to 
get  the  software  to  work 
properly  on  my 
enterprise  network? 


•  How  open  is  the 
software  architecture? 


Issue  www.nwfusion.com/buzz/2  002/ 


tops, an  application  must  touch  to  ful¬ 
fill  a  user  request. 

BIM  isn't  only  about  software.  IT  staff 
must  meet  with  business  leaders  to  get 
an  idea  of  how  they  want  to  see  the 
network  perform.  For  example,  execu¬ 
tives  at  an  online  trading  company 
might  want  its  application  to  simultane¬ 
ously  support  100  trades  per  second. 
With  that  request  in  mind,  the  IT  depart¬ 
ment  then  would  have  to  configure  the 
network  and  prioritize  traffic  to  deliver 
on  that  metric.The  process  would 
require  several  components  working  in 
concert  to  deliver  the  requested  service 
level. 

Once  the  software,  loaded  with  those 
business  requirements,  is  fully  installed, 
BIM  tools  collect  performance  data 
from  hardware  devices  and  other  soft¬ 
ware  tools  in  tracking  services  across 
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BIM  software 
stopped  ad- 
hoc  problem 
solving  for 
Carl  Harris. 


Brian  Jones 
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multiple  network  components. 

The  tools  also  can  be  config¬ 
ured  to  receive  filtered  events 
and  alerts  from  the  network 
management  system  based 
on  service  levels  network 
managers  wish  to  meet. 

BIM  software  can  then 
aggregate  the  data  and  cor¬ 
relate  it  against  predefined 
(either  out-of-the-box  by 
the  vendor  or  customized 
by  users)  performance 
requirements  to  spot 
behavior  abnormalities. 

When  a  potential  prob¬ 
lem  arises,  the  software 
can  alert  network  man¬ 
agers  of  the  probable 
source  and  then  IT 
staff  can  take  action 
to  prevent  the  prob¬ 
lem  from  affecting 
business  services  or 
users. 


Onus  on  the 
user 

A  good  BIM 
product  will  have 
hooks  into  many 
third-party  hard¬ 
ware  devices 


and  software 


A  barrel 
of  BiM  products 

Here’s  a  sampling  of 
business  impact  management  products. 


BMC 

Software 

Patrol  for  Service 

Level  Management 

Entuity 

Eye  of  the  Storm 

Hewlett- 

Packard 

OpenView  Service 

Navigator 

IBM  Tivoli 

Service  Level  Analyzer 

Managed 

Objects 

Formula;  Service  Level 

Analyzer 

Micromuse 

Netcool/SLA  Manager 

Panacya 

bAware  COv< 

Smarts  InCharge  Application 

Services  Manager 


‘‘[BIM  software  is]  a  move  from  reacting 
to  problems  to  proactively  controlling 
how  we  deliver  service.” 

Timothy  Hagn,  vice  president  of  IT  operations  and  engineering,  Zurich  Life 
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applications 
so  it  can  pull 

performance  data  from  multiple  sources, 
but  vendors  obviously  cannot  include 
data  specific  to  a  customer’s  line  of  busi¬ 
ness.  Users  must  be  willing  to  define  the 
services  that  are  to  be  managed. They 
must  then  put  into  the  software  the 
knowledge  of  how  their  specific  network 
devices  and  applications  perform. 

“The  tool  is  only  as  smart  as  you  and 
your  applications  team  are,”  Zurich  Life’s 
Hagn  says.“The  information  is  already 


there;  you  have  to  decide  how 
to  carve  it  to  best  support 
your  business  services.” 

Yet  the  team  at  Virginia 
Tech  report  it  only  took 
an  afternoon  of  meet¬ 
ings  with  business 
managers  to  map  out 
objectives  and  a  few 
days  of  software  con¬ 
figuration  to  get 
Smarts'  software  up 
and  monitoring  the 
school’s  business  ser- 
vices.The  physical 
installation  was  incredibly 
easy  and  the  software  dis¬ 
covered  our  entire  network  in 
less  than  three  hours,” 

Jones  says. 

Virginia  Tech  might  be  the  excep¬ 
tion,  according  to  some  industry  watch¬ 
ers.  In  truth,  the  amount  of  manual  con¬ 
figuration  required  makes  others  leery  of 
empty  out-of-the-box  feature  promises. 

Jean-Pierre  Garbani.a  director  with 
Giga  Information  Group,  says  that  while 
available  BIM  products  are  useful,  they 
cannot  solve  some  inherent  problems  in 
managing  business  services  with  tech- 
nology.“it’s  difficult  to  translate  business 
objectives  into  anything  that  is  measur¬ 
able  on  an  infrastructure,”  he  says. 

When  vendors  and  IT  departments  find 


a  way  to  convert  objectives  passed  along 
from  business  units  into  understandable 
and  measurable  technology  metrics,  net¬ 
work  managers  might  then  be  able  to 
achieve  accurate  business  service  assur¬ 
ance,  Garbani  says.  For  now,  IT  users  can 
benefit  from  the  real-time  discovery  of  net¬ 
work  and  application  topologies,  and  the 
problem  isolation  these  tools  offer,  he  says. 

Meta’s  O’Donnell  agrees.  He  says  the 
upfront  work  —  and  follow-up  change 
management  when  network  elements  are 
added  or  removed  —  could  deter  enter¬ 
prise  users  looking  for  a  quick  fix  to  their 
service  management 
woes.  He  says  the 
extensive  configura¬ 
tion  some  of  these 
tools  require  could 
be  even  more  of  a 
deterrent  than 
the  hefty  price 
tag  on  most  of 
these  software 
add-ons.  Prices 


range  from  $50,000  to  more  than  $1  mil¬ 
lion,  depending  on  the  vendor  and  the 
enterprise  implementation. 

“Users  cannot  expect  to  do  this  manual 
effort  on  a  wide  variety  of  services  yet, 
especially  services  that  are  very  dynamic 
in  how  they  use  the  underlying  infra¬ 
structure,”  O’Donnell  says. 

Still,  he  credits  vendors  with  adequately 
building  models, aggregating  data  and 
linking  service  components  to  manage¬ 
ment  information  such  as  performance 
and  status.  But  taking  BIM  software  to  the 
next  level  is  going  to  be  tough,  he  says. 

“Future  developments 
in  terms  of  auto- 
discovering  more 
complex  relation¬ 
ships  are  necessary 
for  this  to  work,” 
O’Donnell 
says.’T  see  this 
evolution  as 
being  a  diffi¬ 
cult  one.”B 
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Same  software,  different  name? 

Business  impact  management  software  resembles  service-level  management  tools,  but  I  ey  have  critical  differences. 


NETWORK 

LATENCY! 


within  2  seconds,  the  network  staff  has  to  determine 
how  to  configure  all  the  devices  and  a  [plications 
that  touch  the  business  service  to  guarantee  the 
response  time.  Many  tools  of  the  past  could 
guarantee  servers  stay  available  99.99%  of  the 
time,  but  meeting  one  metric  cannot  guarantee 
a  Web  page  will  deliver  its  content  within  2  sec¬ 
onds. 

SLM  software  can  track  the  availability  of,  say,  a 
network  switch,  a  Web  server,  an  application  serv¬ 
er  and  a  database.  But  even  if  each  element  deliv¬ 
ers  on  its  99.99%  availability,  the  network  may  not 
meet  service-level  agreements  (SLA)  requiring 
99.99%  uptime.  When  users  aggregate  the  perfor¬ 
mance  data,  such  as  response  time,  availability  and 
network  latency,  and  add  the  metrics  from  the  four 
separate  elements,  the  actual  availability  of  all  the 
components  working  as  one  unit  might  fall  below  the 
SLA  measure. 

Today's  BIM  tools  aim  to  aggregate  the  performance 
data  in  real  time  and  prevent  service  levels  from  drop¬ 
ping  before  end  users  can  be  affected.  Many  of  the 
new  software  offerings  include  modeling  technology 
that  lets  network  managers  group  the  network 
devices,  application  and  Web  servers,  and  databases 
that  a  business  service  requires  as  one  managed  unit 
The  software  can  pinpoint  where  in  that  unit  a  perfor¬ 
mance  degradation  has  occurred  and  let  network  man¬ 
agers  know  what  users  and  business-critical  process¬ 
es  will  be  affe  ted. 

"The  industry  is  moving  to  a  model  of  service  assur¬ 
ance,"  Garbani  says.  "All  these  disparate  service  lev¬ 
els  must  be  aggregated  in  real  time." 

—  Denise  Dubie 


Is  it  asset  management  or  inventory  management? 
Configuration  management  or  change  manage¬ 
ment?  Service-level  management  or  business 
impact  management? 

Often  in  the  high-tech  industry,  users  must  dis¬ 
sect  the  language  used  to  describe  a  product 
before  they  can  determine  if  they  want  the  technol¬ 
ogy.  Aligning  IT  with  business  objectives  to  better 
manage  application  performance  is  the  latest 
trend  for  network  management  vendors.  New  prod¬ 
ucts  from  vendors  such  as  BMC  Software, 

Managed  Objects  and  Micromuse  claim  to  manage 
service  levels  across  multiple  network  elements, 
databases  and  servers  to  keep  application  perfor¬ 
mance  on  track. 

With  all  the  talk  of  service  levels,  users  could  think 
new  BIM  tools  might  just  be  old  SLM  products 
repackaged  with  a  trendy  new  name.  But  industry 
watchers  say  otherwise. 

"BIM  could  be  considered  an  evolution  of  sorts," 
says  Glenn  O'Donnell,  research  director  at  Meta 
Group.  ■ 

-  BjM  tools  are  an  extension  of  SLM  software  in  that 
they  took  to  ensure  services  are  delivered  accurately 
and  efficiently. The  driving  force  behind  the  BIM 
buz?,  he  adds,  is  the  trend  to  focus  on  business 
objectives.  ,V 

•  ‘'The  demand  for  these  products  exists  right  now 
because  IT  organizations  are  more  strongly  being 
ToYpbd  to  demonstrate  their  value  to  the  business," 
OTHjnneU  says.  “These  products  can  offer  good  vis¬ 
ibility  to  help  network  managers  understand  busi- 
nessrhefated  issues." 


And,  a  fundamental  difference  exists  between  SLM 
and  BIM  offerings. 

“SLM  is  a  verification  that  a  service  is  delivered 
the  way  it’s  predefined  to  be  delivered,  and  that's 
typically  very  IT-oriented,”  says  Jean-Pierre  Garbani, 
a  research  director  with  Giga  Information  Group.  He 
says  the  rules  and  thresholds  written  for  SLM  soft¬ 
ware  use  technology  terms  such  as  network  latency 
and  server  response  time.  Whereas  BIM  software 
requires  IT  staff  to  configure  the  technology  based  on 
business  objectives. 

For  example,  if  a  top  company  executive  wants  the 
e-commerce  page  to  respond  to  an  end-user  request 
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Winning  with  Linux®  and  Intel?  Online  diversified  financial  services  company  E*TRADE  Group,  Inc.,  has  just 
installed  90  IBM  (©server  xSeries™  servers  running  Linux  to  support  their  E*TRADE  Financial  Web  site. 
Why?  Ease  of  use  and  Linux  driven  affordability  and  scalability.  Select  xSeries  models  feature  the  Intel  Xeon™ 
processor  to  give  you  superior  performance  and  cost-effectiveness.  To  receive  a  complimentary  DC  white  paper 
on  how  to  reduce  TOO  with  Linux,  head  over  to  ibm.com/eserver/etrade  fa  Fhy  7&  " 

All  numbers  and  results  reported  are  from  customer  sources.  This  customer  example  is  intended  as  an  illustration  only.  Costs  and  results  obtained  in  other  customer  environments  will  vary  depending,  among  other  things,  on  individual 
customer  configurations  and  conditions.  IBM,  the  e-business  logo,  e-business  is  the  game.  Play  to  win  and  xSeries  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation.  Linux  is  a  registered 
trademark  of  Linus  Torvalds.  Intel,  the  Intel  Inside  logo  and  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  Other  company,  product  and  service  names  may 
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Another  Case 


—  By  Tony  Prigmore,  Senior  Analyst  at  Enterprise  Storage  Group 
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Storage  Knowledge  -  Business  Results 


Have  you  reached  the  point 
yet  where  some  of  the  pop¬ 
ular  storage  terminology 
has  lost  it’s  meaning?  Will 
you  ever  have  time  to  think  about 
how  you  are  going  to  deploy,  inte¬ 
grate,  and  leverage  important  stor¬ 
age  technologies  such  as  virtualiza¬ 
tion,  data  replication,  and  policy- 
based  management?  Ever  wondered 
how  your  peers  in  IT  that  stand  up 
and  tell  success  stories  at  storage 
trade  shows  and  user  groups  actual¬ 
ly  get  those  results?  You  know  the 
ones:  they  have  a  200TB  storage 
infrastructure,  running  as  an  SLA- 
based,  utility  model  and  IT  profit 
center,  growing  at  75%  annually  that 
is  managed  by  1.5  perfectly  skilled 
storage  administrators;  they  lost 
their  primary  data  center  to  a  torna¬ 
do  during  year-end  close  but  effort¬ 
lessly  failed  over  to  their  secondary 
site  for  recovery.  Oh,  and  this  all 
occurs  without  their  users  knowing 
it  even  happened. 

The  answer  to  these  questions  is 
that  very  few  IT  professionals  have 
the  luxury  of  time  to  create  an  inter¬ 
nal  perspective  and  craft  a  sound 
strategy  that  helps  transform  them 
into  one  of  these  “super"  storage 
shops.  The  good  news  for  IT  profes¬ 
sionals  is  that  this  is  a  battle  they 
can  win,  there  is  hope,  and  in  this 
case,  it  is  found  by  examining  the 
simple  notion  of  networked  storage. 

Networked  Storage  defined 

Networked  storage  is  the  ticket  to 
the  game.  It  is  the  first  step  toward 
realizing  higher  value  from  storage 
which  ultimately  puts  you  on  a  path 
to  better  information  protection, 
improved  manageability  and  provi¬ 
sioning  of  storage  infrastructure. 
Networked  storage  is  fundamental  to 
enabling  important  business  require¬ 
ments  such  as  platform  and  data 
migration  frequently  associated  with 
consolidation  projects.  ESG  defines 
networked  storage  as  an  integrated 
architecture  that  serves  either  block 
or  file  storage  requirements  over 
Fibre  Channel  or  Ethernet  networks. 


Source:  Enterprise  Storage  Group,  June  2002 


The  key  to  this  definition  is  the 
“integrated  architecture”  and  the 
most  important  discussion  that  you 
should  have  with  your  vendors  is 
how  much  flexibility  of  services 
(block,  file)  do  I  get  and  how  can  I 
leverage  a  common  set  of  tools  to 
improve  or  unlock  efficiencies?  Gone 
are  the  days  of  debating  NAS  vs.  SAN; 
most  vendors  have  now  aligned 
products  (or  product  roadmaps)  in  a 
way  which  recognizes  that  IT  organi¬ 
zations  will  always  have  both  file  and 
block  storage  requirements.  Look  for 
a  vendor  who  is  equally  comfortable 
having  a  conversation  about  NAS  & 
SAN,  or  block  &  file.  Ultimately  you 
want  to  select  a  vendor  who  is  willing 
to  build  you  an  infrastructure  that 
addresses  your  needs  from  an  appli¬ 
cation  requirements  perspective. 

Networked  Storage  and 
Information  Protection 

Storage  decisions  have  subtle  but 
strong  chronological  dependencies. 
For  example,  it  makes  no  sense  to 
discuss  how  to  introduce  remote 
replication  into  storage  environ¬ 
ments  that  are  still  direct-attached. 
The  migration  to  a  networked  stor¬ 
age  environment  is  critical  to  achiev¬ 


Time 


ing  the  appropriate  level  of  protec¬ 
tion  without  creating  a  storage 
administrator’s  nightmare.  This  is 
true  for  both  replication  of  primary 
storage  as  well  as  backup  and  archiv¬ 
ing  of  data  to  secondary  storage. 
The  creation  of  a  centrally  managed 
storage  resource  has  well-proven 
implications  for  the  administration 
of  backup  (the  original  killer  app  for 
networked  storage)  as  well  as  more 
sophisticated  replication  that  can  be 
measured  in  most  TCO  models. 

Networked  Storage  and 
Policy-based  management 

In  all  well  managed  storage  envi¬ 
ronments  there  is  a  constant  drive 
towards  enhancing  the  level  of  over¬ 
all  IT  productivity.  This  might  begin 
with  documenting  and  enforcing 
process,  establishing  rules  or  poli¬ 
cies,  and  ultimately  preparing  for 
automated  management  of  storage. 
Again,  networked  storage  is  the  pre¬ 
requisite  to  establishing  a  compre¬ 
hensive  policy-based  environment 
as  the  storage  assets  are  managed 
against  utilization  objectives  and 
time  to  provision  objectives  much 
easier  than  a  direct-attached  storage 
environment. 


So  what  step  should  I  take  first? 

If  you  don’t  have  the  luxury  of  lots 
of  experienced  storage  staff,  your 
first  step  is  to  establish  for  your 
organization  the  networked  storage 
criteria  that  all  vendors’  solutions 
must  meet  before  they  are  selected. 
The  idea  here  is  to  preclude  or 
reduce  the  deployment  of  “point” 
solutions  that  may  have  the  best 
price  today  but  actually  create  more 
administrative  burden  over  time.  If 
your  staff  is  experienced,  they  can 
create  this  criteria  on  their  own,  but 
if  you  just  started  down  the  path 
towards  a  networked  storage  envi¬ 
ronment,  it’s  best  to  reach  out  to  an 
independent  solution  provider  or 
services  organization  for  assistance. 
These  firms  understand  how  impor¬ 
tant  the  requirements  phase  is  to 
long-term  success  with  storage,  and 
the  best  will  offer  a  systematic 
approach  to  capturing  and  docu¬ 
menting  these  requirements. 

The  second  step,  which  applies  to 
shops  that  already  have  SAN  and 
NAS  solutions  deployed,  is  to  deter¬ 
mine  precisely  what  storage  is  not 
networked.  Understanding  this  pro¬ 
vides  IT  with  the  opportunity  to  syn¬ 
chronize  consolidation  projects  at 
the  application  or  server  level  with 
storage  architecture  changes  that 
help  migrate  direct-attached  storage 
to  networked  storage. 

The  road  to  maximizing  the  efficien¬ 
cy  of  your  storage  infrastructure  may 
at  first  appear  to  be  a  long  and  ardu¬ 
ous  one,  but  it  is  a  path  that  must  be 
taken.  Networked  storage  can  unlock 
management  efficiencies  that  are  not 
possible  in  a  direct-attached  environ¬ 
ment  as  well  as  enabling  information 
protection  levels  that  are  appropriate 
and  consistent  across  the  enterprise. 
So  take  that  first  step... back  to  the 
basics  of  networked  storage. 


For  more  information  on 
Networked  Storage  and  the 
Enterprise  Storage  Group,  go  to: 

www.enterprisestoragegroup.com 


Someday  your  business  continuity  solution  will  be  called  on  to  save  your  company. 

(But  what’s  it  doing  this  afternoon?) 


Get  started  now  at  EMC.com/now 

_ ! 


Business 

Continuity 


It’s  time  to  make  your  business  continuity  assets  work  harder  for  you.  With  EMC, 
you  can  test  and  deploy  new  applications,  shorten  or  eliminate  backup  windows,  or 
load  and  refresh  data  warehouses  more  frequently.  The  result:  your  company  is 
better  protected  and  more  productive  every  day  of  the  year. 
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magine  a  salesman 
talking  to  your 
Web-based  CRM 
system  from  his  cell  phone. 

He  asks  for  the  latest  sales 
figures  for  a  client  he’s 
flying  to  meet,  and  the 
CRM  system  e-mails  him 
moments  later. 

Such  “multimodal”  applications  are  the 
idea  behind  Speech  Application  Language 
Tags  (SALT),  an  emerging  technology  that 
provides  a  speech  interface  to  Web 
information.  An  extension  to  existing 
Web  programming  models  and  markup 
languages  such  as  HTML,  XHTML  and 
XML,  SALT  helps  create  speech  interfaces 
that  will  reside  alongside  traditional  I/O  modes 
such  as  text,  audio,  video  and  graphics.  Rather 
than  dealing  with  cumbersome  custom  code, 
SALT  developers  should  be  able  to  work  with 
familiar  tools  and  techniques. 

Developers  who  try  SALT  will  find  it  to  be  a 
pretty  solid  specification,  says  Alexander 
Rudnickya  senior  systems  scientist  at  Carnegie 
Mellon  University’s  School  of  Computer  Science. 
Rudnicky  and  his  students  hope  to  complete 
development  of  an  open  source  SALT  browser  by 
year-end. “Our  vision  is  that  once  it  is  available 
and  distributed,  tens  of  thousands  of  people  can 
download  our  browser  and  start 
playing  with  it,”  he  says. 

Although  promising, 
SALT  is  still  in  its  infancy 
It  will  be  a  year  or  more 
before  network  executives 
can  consider  adding  SALT- 
based  capabilities  to  their 
internal  or  external  Web 
applications. 

“The  exciting  thing  about 
SALT  is  that  it’s  a  necessary  first 
step  for  concurrent  multimodal 
applications  to  become  main¬ 
stream,”  says  Dan  Hawkins, 
managing  analyst  for  voice 
business  at  Datamonitor.“But 
that’s  some  years  off.” 


...of  your  Web 
infrastructure 
vendors  about  SALT 

•When  will  you  ship 
products  that  support 
the  SALT 
specification? 

•  Will  you  support 
independent  or 
concurrent  multimodal 
applications? 

•To  what  degree  can  I 
leverage  my  existing 
investments  in  Web 
infrastructure  with  your 
SALT- based  products? 
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Where  SALT  gets  its 
flavor 

SALL  has  been  under  devel¬ 
opment  for  a  year  by  the  SALT 
Forum,  an  industry  group  led 
by  Microsoft, Cisco  and  Intel 
that  has  grown  to  include  50 
companies.The  SALT  Forum 


wants  to  create  an  open,  royalty-free  standard  that 
supports  speech  access  to  Web  content  through  a 
variety  of  devices,  including  telephones,  desktop 
and  tablet  PCs,  and  PDAs.The  SALT  Forum  in  July 
released  Version  1.0  of  the  specification  to  the  pub¬ 
lic  and  submitted  it  to  the  World  Wide  Web  Consor¬ 
tium  (W3C)  for  consideration  by  working  groups 
developing  standards  for  voice  browsers  and  multi¬ 
modal  applications. 

This  fall,  the  W3C  working  groups  will  begin 
discussing  how  to  move  forward  with  the  SALT 
specification  and  how  SALT  might  interrelate  with 
the  W3C’sVoiceXML  standard, says  Dave  Raggett,  a 
W3C  fellow  who  leads  these  two  working  groups. 
While  SALT  focuses  on  speech-enabling  Web  pages 
and  creating  multimodal  applications  for  wireless 
users, VoiceXML  targets  telephony  applications  such 
as  directory  access,  call  routing  and  cell  centers. 

But  whether  these  two  standards  will  be  comple¬ 
mentary  or  competitive  is  unclear  as  SALT  also  can 
be  used  to  create  telephony  applications. 

Putting  SALT  on  the  table 

Enterprise  use  of  SALT  will  likely  be  for  the  devel¬ 
opment  of  multimodal  applications  for  areas  such 
as  Web-based  self  service,  call  centers, CRM  and 
sales  force  automation  systems.  Or,  companies 
could  give  SALT-capable  tablet  PCs  to  workers 
such  as  insurance  adjusters,  real 
estate  agents  and  aircraft  mechan¬ 
ics  who  prefer  hands-free  input 
to  fill  out  Web-based  forms. 

Industry  segments  expected  to 
adopt  SALT  are  those  that 
already  use  speech  recog¬ 
nition  and  interactive  voice 
response  systems:  banking, 
finance,  telecom,  travel  and 


The  proposed 
SALT  standard 
for  speech¬ 
enabling  Web  con¬ 
tent  promises  to 
make  self-service, 
call  center  and  other 
such  applications 
more  appetizing. 

other  customer-service-intensive  industries, 
says  Peter  Gavalakis,  a  marketing  manager 
at  Intel. 

SALT-enabling  a  Web  site  will  require  Web 
development  tools  that  support  the  specifi¬ 
cation,  and  SALT-capable  browsers  and 
Web  server  software.  SALT  browsers  are 
available  from  Hey  Anita  and  Philips, 
and  Kirusa  offers  a  SALT-based  multi¬ 
modal  platform.  Inter-Voice  Brite  says  it 
will  add  SALT  support  to  its  Media 
Gateway  which  supports  VoiceXML,  by 
year-end. 

But  Microsoft’s  support  for  SALT  is 
most  critical,  industry  observers  say 
“SALT  is  important  because  Microsoft 
is  involved,”  Datamonitor’s  Hawkins  says, 
adding  that  Microsoft  is  focusing  exclu¬ 
sively  on  SALT.  The  company  is  not 
involved  with  VoiceXML  development 
and  doesn’t  support  VoiceXML  in  its  prod¬ 
ucts.  (SALT  co-developers  Cisco  and  Intel,  on 
the  other  hand,  do  support  VoiceXML.) 
Microsoft  in  May  began  shipping  the  beta  ver¬ 
sion  of  its  .Net  Speech  SDK,  a  Web  development 
tool  kit  that  supports  SALT.The  tool  kit  includes 
add-ons  to  Microsoft’s  Internet  Explorer  and  Pocket 
Internet  Explorer  browsers  to  support  speech  input. 
And  by  year-end,  Microsoft  plans  to  release  a  beta 
version  of  its  .Net  speech  platform,  which  is  server 
software  that  will  support  speech-enabled  Web 
applications, says  James  Mastan,  director  of  market¬ 
ing  for  .Net  speech  technologies  at  Microsoft. 

SALT  supporters  have  their  challenge  in  finding 
service  providers  and  companies  willing  to  invest 
in  speech-enabled  Web  applications  during  these 
tough  economic  times.  Other  hurdles  include 
spreading  awareness  of  the  technology  among 
Web  developers  and  continuing  to  develop  indus¬ 
try  partnerships  with  companies  such  as  AT&T  and 
IBM,  which  support  VoiceXML  and  have  yet  to  join 
the  SALT  Forum. 

“There  are  tens  of  thousands  of  developers  who 
are  doing  stuff  in  VoiceXML,”  Hawkins  says.The 
challenge  is  getting  all  those  developers  to  work 
on  SALT.” 

Carnegie  Mellon’s  Rudnicky  notes  that  SALT 
does  a  good  job  of  hiding  much  of  the  complex¬ 
ity  involved  with  developing  speech-enabled 
systems.  But,  he  says,  SALT  lacks  a  set  of  libraries 
or  reusable  code  for  developers  to  modify  to 
their  purposes. 

Still,  Rudnicky  remains  opti¬ 
mistic  about  SALT'S  potential 
because,  he  says.it  will  let 
people  who  aren’t  intimately 
familiar  with  speech  recog¬ 
nition,  voice  synthesis 
and  other  underlying 
technologies  create 
working  applications. 
SALT  is  a  big  deal  ’B 
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See  a  side-by-side  comparison  of  how  SALT 
shakes  out  against  VoiceXML. 

Qacpnder:  232! 


ork  world  Signature  Series  9/23/02 


www.  nwfusion.  com/buzz/2002/ 


WINDOWS®  CE 
COMPUTER 
ON-BOARD 


SIMPLE  NETWORK 
MANAGEMENT 
PROTOCOL 


Finally  AV  and  IT  experts  are  finding  something 
to  agree  on  -  the  VPL-PX15  SuperSmart™  projector 
from  Sony.  It  combines  cutting  edge  projector 
technology  and  features  with  the  latest  in  wired 
and  wireless  networking  capability.  It  lets  you 
manage  content  and  take  control,  while  giving 
you  outstanding  performance,  reliability  and 
image  guality. 

The  VPL-PX15  has  an  on-board  computer  so  you 
can  upload,  store,  and  present  Excel®  worksheets, 
PowerPoint®  presentations,  JPEG  images,  bitmapped 
images,  and  more.  This  self-sufficient  projector 
can  even  access  and  browse  the  Internet  via  the 
supplied  remote  control.  Plus,  it's  always  on  the 
LAN,  ready  to  be  accessed,  locally  or  remotely... 
even  wirelessly... whether  or  not  it's  turned  on. 


Through  a  simple  Internet  browser,  Sony's 
VPL-PX15  can  be  monitored  from  any  location 
on  the  LAN.  You  can  determine  if  the  unit  is  on, 
which  input  is  selected,  its  operating  status,  even 
adjust  the  picture.  Compatibility  with  Remote 
Desktop  Protocol  also  enables  the  display  of  your 
computer's  desktop,  or  that  of  any  other  PC  on 
your  LAN,  via  remote  access... without  leaving 
the  meeting  room. 

And  no  more  last  minute  surprises  -  the  VPL-PX1 5 
can  help  you  avoid  problems  before  they  become 
one.  This  SuperSmart  projector  is  so  smart,  it 
even  tells  you  when  it's  time  to  change  the  lamp 
via  email  with  Sony's  Auto  Email  function. 

So  make  your  next  projector  the  Sony  VPL-PX15. 
And  start  to  enjoy  the  benefits  of  networking  today. 


AUTO  EMAIL 
SELF-DIAGNOSTIC 
MONITORING 


For  a  limited  time  with  the  purchase  of  a  VPL-PX15  projector, 
you  can  receive  a  Wireless  LAN  Card  at  no  additional  charge. 
Call  1-800-766-9523  (Sony  LCD)  or  visit  www.sony.com/supersmart 
today  for  more  information  and  program  Terms  and  Conditions. 
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>uzz  accompa¬ 
nying  Web  ser¬ 
vices  today  no 
longer  vibrates 
around  system  inte¬ 
gration  and  XML 
interfaces,  but 
around  security  — 
and  the  frantic,  mish- 
mashed  efforts  to  create 


security  standards. 


Web  services  are  built  with  standard  interfaces 
based  on  the  Simple  Object  Access  Protocol  (SOAP) 
from  the  World  Wide  Web  Consortium  (W3C).  But 
because  SOAP  is  not  secure  at  this  point,  Web  services 
cannot  achieve  their  mission  of  enabling  business-to- 
business  commerce  and  integration  of  business  part¬ 
ners’  disparate  platforms,  network  executives  say. 

Without  security  in  the  Web  services  framework/archi¬ 
tecture,  development  of  other  Web  services  standards 
for  e-commerce  also  will  suffer,  including  those  to  sup¬ 
port  reliable  and  asynchronous  messaging,  business- 
process  workflow  and  transactional  integrity 

“Security  is  a  rollout  inhibitor  today  absolutely’ says 
Mark  Jones,  vice  president  of  business  development 
for  the  National  Student  Clearinghouse  (NSC), a  non¬ 
profit  organization  in  Herndon, Va.,  that  provides  uni¬ 
versity  enrollment  and  degree  verification  services  to 
lenders  and  businesses.  NSC  knows  the  issues  first¬ 
hand,  as  it  is  on  the  verge  of  deploying  two  Web  ser¬ 
vices  to  streamline  the  collection  and  dispersal  of  its 
data  to  potentially  millions  of  partners. 

Jones  likens  the  challenge  of  establishing  Web  ser¬ 
vices  for  partner-to-partner  trading  to  using  public-key 
infrastructure  and  electronic  data  interchange.  While 
standards-based  partner-to-partner  transactions  are 
great  conceptually,  they’re  difficult  to  implement. 
“Having  just  been  through  that  for  10  or  15  years  with 
[electronic  data  interchange],  [I  know]  it  is  a  very 
tough  problem  to  solve,”  he  says.“No  one  has  really 
perfected  a  way  to  do  partner-to-partner  trading  yet.  So 
we  question  the  evolution  of  the  standards  and  how 
well  they  will  work.” 

Jones  isn’t  alone.  Recent  surveys  by  Hurwitz  Group 
and  ZapThink  show  that  security  is  the  No.  1  obstacle 
to  adoption  of  corporate  Web  services. 

Of  course,  security  can  be  added  to  SOAP  via  exten¬ 
sions,  and  so  a  flurry  of  work  to  do  so  is  in  progress  — 
spanning  three  standards  bodies  that  have  produced 
complementary  but  sometimes  overlapping  protocols 


With  three  standards  bodies  cook¬ 
ing  up  more  than  a  dozen  Web 
services  security  protocols,  over¬ 
lap  and  confusion  is  inevitable  - 
but,  fortunately,  not  everlasting. 


(see  chart,  page  66). 

Extensions  will  standardize  ways  for  systems  to 
prove  their  identities,  validate  user  authorization  and 
access  credentials,  guarantee  confidential  transac¬ 
tions,  and  ensure  integrity  and  nonrepudiation. 

While  waiting  on  standards  ratification  and  vendor 
implementation  of  those  extensions,  many  network 
executives  are  limiting  Web  services  to  intranet  projects 
or  improvising  security  when  Web  services  traverse  cor¬ 
porate  boundaries.  Such  improvisation  includes 
homegrown  security,  fitting  established  Internet 
standards  or  proprietary  products  onto  pro¬ 
jects,  or  contracting  with  third  parties  to  sup¬ 
ply  security  services.  NSC  sidestepped  the 
standards  maze  by  using  software  from  Flam¬ 
enco  Networks  to  wrap  authentication,  autho¬ 
rization  and  management  capabilities  around 
its  Web  services,  says  Doug  Falk,  NSC  CIO. 

“We  probably  could  have  started  with  weaker 
encryption  and  relied  on  a  model  using  HTTP-S 
and  authenticating  based  on  a  user  ID  and  pass¬ 
word. That  would  have  worked  for  a  period  of  time 
until  someone  raised  concerns  over  that  model 
being  too  weak,”  Falk  says. 


Information  Standards  (OASIS)  and 
the  W3C  are  working  on  or  have  com¬ 
pleted  no  fewer  than  13  security  proto¬ 
cols  for  use  with  Web  services.These 
include  extensions  for  encryption,  digi¬ 
tal  signatures,  nonrepudiation  and 
long-accepted  standards  such  as 
Kerberos  that  are  being  folded  into 
the  Web  services  mold. 

With  so  many  cooks  in  the 
kitchen,  the  industry  lacks  a  clear 
view  of  how  individual  Web  ser¬ 
vices  security  specifications  will  be  melded 
into  an  interoperable  security  framework. 

To  their  credit,  OASIS  and  W3C  are  comparing 
their  efforts  with  the  aim  of  clarifying  the  security 
work.“If  any  of  these  security  specifications  are 
going  to  work  together,  we  have  to  work  together,”  says 
Karl  Best,  director  of  technical  operations  for  OASIS. 

The  cooperation  began  with  WS-Security  a  specifica¬ 
tion  proposed  by  IBM,  Microsoft  and  VeriSign  in  April 
and  turned  over  to  OASIS  last  month.  WS-Security,  which 
lets  Web  services  pass  secure  and  signed  SOAP  mes¬ 
sages,  has  at  its  core  the  W3C’s  XML  Encryption  and 
XML  Digital  Signature  and  will  add  six  other  extensions 
for  functions  such  as  expressing  security  policies,  trust 
relationships,  federation  and  authorization. Then  last 
month,  OASIS  and  W3C  sponsored  a  forum  to  compare 
and  contrast  work  being  done  by  both  groups. 

In  addition  to  XML  Digital  Signature  and  XML 
Encryption, W3C  is  developing  the  XML  Key 
Management  Specification  and  a  Web  Service 
Architecture  that  includes  a  security  framework. 
Meanwhile,  OASIS  is  developing  the  Security  Assertion 
Markup  Language  (SAML)  for  authentication  and 
authorization,  the  Extensible  Access  Control  Markup 
Language,  Service  Provisioning 

Markup  Language  and  the  XML 
Common  Biometric  Format. 
The  IETF’s  work  centers  on 
standards  for  transport-level 
security  on  which  OASIS 
and  W3C  are  building  appli- 
See  Web  services,  page  66 


The  rush  is  on 

Meanwhile, XML  standards  bodies  have  been  busy 
The  Internet  Engineering  Task  Force  (IETF),  the 
Organization  for  the  Advancement  of  Structured 


. . .  of  your  Web  services  vendor 

•  What  security  do  you  provide  that  lets  Web 
services  extend  outside  my  firewall? 

•  How  do  I  get  around  security  obstacles  today 
while  staying  on  a  path  to  adopt  standardized 
technologies  in  the  future? 

•  What  are  you  doing  to  avoid  the  security 
complexities  that  have  plagued  Other  object- 
oriented  programming  models? 

•  In  what  standards  groups  do  you  participate? 
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Next  time 
hire  a 

NECA/IBEW 

contractor. 


To  hire  an  electrical  contractor  who  employs  IBEW  workers,  contact 
your  local  NECA  chapter  or  IBEW  local  union.  To  find  a  NECA 
contractor,  call  The  NECA  Connection  at  800-888-6322. 


np' 


n 


THE  QUALITY 


1 

TO  EXCELLENC 


www.thequalityconnection.org 


National  Electrical  Contractors  Association 
International  Brotherhood  of  Electrical  Workers 


CONNECTION  w 


Web  services,  continued  from  page  64 

c  ation-level  security  protocols. 

The  groups  need  to  develop  a  concep¬ 
tual  "security  stack”  model  that  illustrates 
how  various  protocols  will  rely  on  each 
other,  rather  than  compete,  says  Anne 
Thomas  Manes,  a  security  expert  who 
works  with  OASIS  and  W3C  and  is  CTO 
for  Web  service  security  vendor  Systinet. 
“The  higher-level  items  take  advantage  of 
the  lower  levels  of  the  stack.  So  WS- 
Security  depends  on  XML  Digital 
Signature,  XML  Encryption, SAML  and 
SOAP  "she  says. 

Corporations  pushing  ahead 

Such  a  model  is  logical,  but  generates 
only  passing  interest  from  corporations 
on  the  cutting  edge  that  want  to  push 
their  Web  services  over  the  firewall  now. 

“At  this  point  we  are  using  a  standard 
firewall  system  with  Secure  Sockets  Layer 
encryption,  and  we  have  built  our  own 
Web  services  gateway  for  authentica¬ 
tion  and  authorization,” says  Gereon 
Fredrickson,  senior  director  of  technology 
products  for  Galileo  International,  a 
provider  of  data  to  the  travel  industry. 

While  Galileo  waits  for  the  interoperabil¬ 
ity  that  standards  promise,  a  handful  of 
vendors  offer  a  collection  of  middleware 
software  and  services  to  boost  Web  ser¬ 
vices  security  including  BEA  Systems, 

Cape  Clear,  Flamenco,  Grand  Central 
Networks,  IBM,  Iona,  Kenamea,  Microsoft, 
Oracle,  Sonic, Sun,  Systinet  and  Tibco. 

Galileo,  which  went  live  with  its  first 
external  Web  service  last  month,  is  waiting 
for  the  security  standards  landscape  to 
flatten. “There  is  still  some  shake-out  that 
has  to  happen  before  we  see  where  the 
actual  standards  will  settle.Then  we’ll  see 
where  we  can  use  those,”  Fredrickson  says. 

Signs  of  a  settling  have  begun  in  that  the 
WS-Security  specification  is  generally 
regarded  as  a  competent  starting 
point.  It  specifies  how  communica¬ 
tion  among  Web  services  will  be 
secured  and  describes  how  to 
put  security  protocols  to  use 
within  SOAP  WS-Security  adds 
security  information  to  the 
headers  of  SOAP  messages 
using  XML  Encryption,  XML 
Digital  Signatures  and  iden¬ 
tity  protocols  such  as 
SAML  or  Kerberos,  an  IETF 
standard. 

“In  terms  of  pure  Web 
services  security,  we  are 
just  starting  out,” says  Bob 
Sutor,  director  of  e-busi¬ 
ness  standards  strategy  for 
!BM.“But  WS-Security  starts 
to  lay  the  foundation.” 

Settlement  also  is  hap¬ 
pening  around  workflow 
specifications  that  will  aid 
in  deploying  security  at  exe¬ 
cution  points  when  multiple 
Web  services  applications  are 
tied  together  across  a  number  of 
organizations. 

Last  month,  IBM  and  Microsoft  com¬ 


bined  their  respective  Web 
Services  Flow  Language  and 
XLANG  to  create  the  Business 
Process  Execution  Language 
for  Web  Services.The  lan¬ 
guage  lets  users  specify  a  col¬ 
lection  of  Web  services  and 
the  order  in  which  they  need 
to  be  executed  as  part  of  a 
business  process  such  as  fill¬ 
ing  an  order.  It  joins  similar 
efforts  from  Sun  on  Web 
Services  Choreography 
Interface  and  protocols 
included  in  OASIS's  electronic 
business  XML  specification. 

With  the  stages  of  a  business 
process  defined  in  a  workflow, 
security  tenants  such  as  en¬ 
cryption,  authentication  and 
access  control  can  be  defined 
per  stage  instead  of 
blanketing  the  trans¬ 
action  as  a  whole. 

The  workflow  lets 
certain  forms  of 
security  be  applied 
only  where  they  are 
needed. 

“If  you  manage  the 
workflow  of  a  trans¬ 
action,  you  can  trace 
each  step  and  make 
sure  security  is  oc¬ 
curring,”  says  Bernhard  Borges, 
managing  director  of  the 
advanced  technology  group  at 
PricewaterhouseCoopers  Con¬ 
sulting.  He  says  workflow  builds  a  founda¬ 
tion  that  finally  lets  multiple  Web  services 
be  aggregated  into  a  business  transaction. 

“Once  you  get  the  bits  and  pieces  of 
workflow,  you  can  start  to  apply  security” 
Borges  says. 


A  standards  mishmash 


However,  experts  say  it  could  take  two 
to  five  years  before  the  standards  are 
mature  enough  for  corporate  customers 
to  make  use  of  them. 

“Without  a  security  and  trust  infrastruc¬ 
ture, Web  services  will  be  dead  on  arrival,” 


says  Phillip  Hallam-Baker,  principal  scien¬ 
tist  forVeriSign.“But  people  shouldn’t  be 
concerned  that  this  is  a  problem  that 
won’t  get  solved,  because  there  is  very 
large  agreement  on  the  basic  approach  on 
how  to  go  about  this.”  ■ 


The  Organization  for  the  Advancement  of  Structured  Information  Standards  (OASIS)  and  World  Wide  Web  Consortium 
(W3C)  have  pinpointed  13  specifications  likely  to  form  the  foundation  of  a  Web  services  security  framework. 


Standard  (proposed  or  final) 

Standards  body/Status 

Description 

SAML 

Security  Assertion  Markup  Language 

OASIS/Final  vote 

Exchanges  user  and  machine  authentication  and 
authorization  information. 

XACML 

Extensible  Access  Control  Markup  Language 

OASIS/Committee  review 

Expresses  policies  for  information  access. 

SPML 

Service  Provisioning  Markup  Language 

OASIS/ln  committee 

Defines  how  to  exchange  user,  resource  and 
service  provisioning  information. 

WS-Security 

OASIS/Forming  technical  committee 

Extends  Simple  Object  Access  Protocol  with 
XML  security  protocols. 

XrML 

Extensible  Rights  Management  Language 

OASIS/Gathering  requirements 

Manages  copyrights  of  digital  content. 

XCBF 

XML  Common  Biometric  Format 

OASIS/Defining  scope  of  work 

Defines  XML  codings  for  Common  Biometric 
Exchange  File  Format. 

XML  Digital  Signature 

W3C/Completed 

Provides  integrity,  signature  assurance  and 
non-repudiation. 

XML  Encryption 

W3C/Final  vote  in  committee 

Encrypts  and  decrypts  digital  content. 

XKMS 

XML  Key  Management  Specification 

W3C/Working  draft 

Provides  a  method  for  obtaining  cryptographic 
keys. 

Transport  Layer  Security/ 

Secure  Sockets  Layer 

IETF/RFC  2246 

Secures  Internet  traffic  between  two  points. 

SASL 

Simple  Authentication  and  Security  Layer 

IETF/RFC  2222 

Adds  authentication  to  connection-based 
protocols. 

Kerberos 

IETF/RFC  1510 

Provides  tickets  for  authenticating  users. 

BEEP 

Blocks  Extensible  Exchange  Protocol 

IETF/RFC  3080 

Helps  establish  quality  of  service 
over  the  Internet. 
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Finally  -  the  missing  piece! 


Today’s  ever-growing  data  centers  make  it  harder 
than  ever  to  get  hands-on  control  of  all  your  servers 
and  network  devices.  Now  you  can  have  direct 
access  to  every  device  in  your  data  center  from  any 
location,  all  from  a  single  screen.  Manage  and  maintain 
servers  in  your  local  rack  or  across  the  world. 


Total  system  control  over  analog  or  IP  connection 
means  complete  ‘at  the  computer’  troubleshooting 
from  anywhere. 

Now  it’s  all  falling  into  place.  Avocent’s  advanced 
analog  and  digital  KVM  solutions  -  the  perfect  fit 
for  the  server  room  and  enterprise. 


For  the  complete  picture,  download  a  free  KVM  Tech  Guide  today  at 
www.kvmguide.com  or  call  1  -866-AVOCENT  (286-2368),  ext.  3005. 


Avocenfc 


Avocent,  the  Avocent  logo,  “The  Power  ot  Being  There”,  “KVM  over  IP",  DSR,  DSView,  DS1800,  and  CPS  are  trademarks  of 
Avocent  Corporation.  All  other  marks  are  the  property  of  their  respective  owners.  Copyright  ©  2002  Avocent  Corporation. 
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Enterprise  application  integration 
vendors  have  entered  the  business 
process  management  fray  with  integrated 
wares,  but  some  question  whether  that 
approach  is  feasible. 


Bif-Aiut-But/nurs! 


lusiness  process 
management  is 
like  Hush 
Puppies  shoes  —  an  old 
standby  that  periodically 
experiences  a  burst  of 
recognition. 


Today,  BPM  is  back  in  vogue  . . .  with 
a  twist.  It’s  no  longer  the  sole  domain 
of  pure-play  BPM  vendors  such  as 
Staffware,  Metastorm,  Intalio  and 
Fuego.  Enterprise  application  integra¬ 
tion  (EAI),  enterprise  resource  planning 
(ERP)  and  CRM  vendors  have  bolstered 
their  suites  with  tools  for  analyzing  and 
modeling  business  processes. These  BPM 
add-ons  for  the  most  part  are  not  as  ad¬ 
vanced  as  tools  from  the  purists;  however,  the 
suite  vendors  are  betting  that  users  are  willing  to  sacri¬ 
fice  functionality  for  familiarity  and  ease  of  integration. 

BPM  is  about  analyzing  and  retooling  the  way  busi¬ 
ness  gets  done.  Examples  of  business  processes  are 
handling  a  customer  service  request  from  report  to  res¬ 
olution  and  “lead  to  order” —  the  steps  from  receiving  a 
sales  lead  through  completing  a  sales  order. 

Trapped  in  a  pinched  economy  companies  today  are 
scrutinizing  such  processes  hoping  to  squeeze  out 
inefficiencies  by  automating  manual  tasks. 

“It’s  almost  scary  the  way  the  terminology  ‘business 
process’  is  reoccurring,  at  a  force  almost  stronger  than 
during  the  heydays  of  ERP,” says  Bernhard  Borges,  man¬ 
aging  director  at  PricewaterhouseCoopers  Consulting. 

On  the  business  software  side,  FeopleSoft  early  this 
year  unveiled  messaging  middleware  called  PeopleSoft 
Integration  Broker  for  executing  business  processes 
across  applications.  CRM  vendor  Siebel  Systems  this 
spring  announced  Universal  Application  Network, 
which  includes  a  library  of  industry-specific  business 
process  templates  and  a  design  tool  for  modeling  and 
configuring  business  process  workflows. 

But  the  most  buzz  has  come  from  the  EAI  side.  EAI 
vendor  web.Methods  offers  business  process  modeling 
and  management  functions  with  its  webMethods  Busi¬ 
ness  Integrator.  Competitor  Vitria  includes  tools  for  mod¬ 
eling,  automating  and  analyzing  business  processes  in 
its  BusinessWare  integration  platform.  SeeBeyond 
Technologies  has  its  e-lnsight  Business  Process 
Manager,  and  IBM  added  BPM  to  its  integration  arsenal 
last  year  when  it  purchased  CrossWorlds  Software. 

Integrating  processes 

Coupling  BPM  and  EAI  tools  provides  a  flexible  way 
of  linking  applications  and  different  parts  of  a  cus¬ 
tomers  supply  chain  independent  of  the  applications 


being  connected,  says  Paraic  Sweeney  vice  president  of 
marketing  for  IBM’s  software  solutions  and  strategy  divi¬ 
sion. This,  he  says,  is  “a  bridge  between  the  business 
issues  and  the  technology  that  underpins  it.”  A  business 
user  can  describe  a  business  process,  and  then  an 
application  developer  can  structure  the  links  needed  to 
execute  the  process  from  within  the  same  application. 

That  strategy  is  resonating  with  some  users.  Smurfit- 
Stone  Container  went  through  a  lengthy  selection 
process  to  find  an  application-integration  platform  that 
also  handled  BPM. “We  thought  about  where  we  were 
going  in  the  future,  not  that  we  necessarily  needed  all 
of  the  pieces  immediately  says  Bob  Wills,  integration 
architect  at  Smurfit-Stone. 

The  Chicago  packaging  manufacturer  had  an  immedi¬ 
ate  need  to  link  applications  so  it  could  share  informa¬ 
tion  among  its  350  paper  mills  and 
manufacturing  plants.  Scattered 
locations  need  to  funnel  financial 
information  to  Smurfit-Stone 
headquarters.  In  addition,  the 
mills  and  plants  need  to  swap 
inventory  and  order  information  so 
the  mills  know  what  kind  of 
paper  materials  to  manufacture 
and  the  plants  know  when  their 
supplies  are  en  route,  Wills  says. 

Smurfit-Stone  selected  See 
Beyond  s  e-Gate  Integrator  mes¬ 
saging  middleware  and  elnsight 
BPM  modules.  Building  a  hub- 
and-spoke  integration  model 
with  SeeBeyond’s  tools  elimi¬ 
nates  dozens  of  point-to-point 
application  hooks,  Wills  says. 

The  SeeBeyond  software  also 


will  provide  future  efficiencies. Today,  Smurfit-Stone  uses 
electronic  data  interchange  with  some  of  its 
largest  customers.  But  EDI  is  out  of  range  for  its 
smaller  partners,  many  of  whom  fax  their 
orders.  With  SeeBeyond’s  software, Smurfit- 
Stone  will  be  able  to  swap  order  and  ship¬ 
ping  information  electronically, without  EDI 
or  faxes,  while  offering  more  flexible  elec¬ 
tronic  payment  options  and  more  efficient 
transportation  processes. 

Indeed,  today’s  collaboration-driven 
transactions  are  mired  in  the  process.  A 
complex  financial  transaction  might 
encompass  100  processes.  Executing 
them,  including  manual  portions,  requires 
application  integration  and  BPM. 
“Anything  meaningful  in  terms  of  a  trans¬ 
action  includes  a  workflow;”  Borges  says.“lt’s 
fairly  natural  to  start  looking  at  business 
process  and  integration  as  a  single  entity  or 
at  least  as  something  very  closely  related.” 

But  Darcy  Fowkes,  research  director  at  Aberdeen 
Group,  warns  users  not  to  expect  the  most  robust  BPM 
functionality  from  integration  vendors  that  “don’t  have 
the  depth  of  knowledge  into  processes  that  the  busi¬ 
ness  process  management  folks  have.” Still,  Fowkes  says 
she  understands  the  appeal  of  consolidated  EAI  and 
BPM  platforms:  “You  can  see  how  the  integrators  are 
saying  ‘I’m  already  exposing  it,  let  me  just  take  it  to  the 
next  layer.’You  can  see  why  the  customers  are  saying, 
‘But  1  already  have  webMethods  installed.  Why  do  I 
want  to  go  through  the  process  of  putting  something 
else  on  top?”’ 

Companies  can  take  advantage  of  integrated  software 
but  shouldn’t  expect  one  person  to  do  both  EAI  and 
BPM.  One  is  a  messaging  platform  with  data  normaliza¬ 
tion  and  metatagging  capabilities,  the  other  one  is 
about  business  logic,  Borges  says. 

BPM  is  not  a  trivial  exercise,  Borges 
stresses.  It  takes  a  lot  of  enterprise  soul- 
searching  to  choose  a  platform,  and 
the  stakes  are  high. “Two  or  three 
years  ago,”  he  says, “failure  was  consid¬ 
ered  a  learning  experience. Today,  fail¬ 
ure  is  basically  bankruptcy?  ■ 


. . .  of  your  business  process  management  vendors 

•What  experience  do  you  have  in  my  company’s  industry? 

•  Do  your  prepackaged  templates  address  my  industry’s  business 
processes  and  regulatory  obligations? 

•  Does  your  software  include  business  process  modeling  features  for 
measuring  the  effect  of  a  prospective  process  change? 

•  Do  you  support  business  process  standards  such  as  Business  Process 
Modeling  Language,  Web  Service  Choreography  Interface,  Microsoft’s 
XLANG  specification  and  IBM’s  Web  Services  Flow  Language  (WSFL)? 

•Will  you  support  Business  Process  Execution  Language  for  Web 
Services,  the  newly  proposed  standard  to  replace  WSFL  and  XLANG? 
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Don’t  make  me  come  over  there 


Remotely  migrate  your  users  to  XP  or  2000  without  making  a  scene. 


That’s  right,  you’re  not  a  bellhop,  or  an  IT  concierge  for  that  matter.  With  the  robust  Client 
Mgmt  Suite  from  Altiris,  you’re  a  behind-the-scenes  architect  that  can  remotely  migrate 
an  entire  enterprise  to  XP  or  2000  in  no  time  at  all.  Altiris  even  gives  you  comprehensive 
lifecycle  management  for  all  your  networked  devices,  from  deployment  to  retirement. 

All  of  which  saves  you  from  end-user  visits  and  mindless  lo-tech  chitchat.  So  download  our 
free  Migration  Assessment  Toolkit  today,  before  you  swear  this  is  the  last  time — again. 


altiris* 

intuitive  >  manageability 


Get  a  free  Migration  Assessment  Toolkit  today  at  www.altiris.com/easymigrate92  and  avoid  the  hassle. 


©  2002  Altms.  All  rights  reserved.  AM  other  products  mentioned  are  property  of  their  respective  owners. 


|  he  familiar  buddy 
list  will  soon  take 
on  a  new  personal¬ 
ity,  as  presence  technolo¬ 
gy  begins  gracing  cor¬ 
porate  instant  messag¬ 
ing  and  other  commu¬ 
nication  tools. 

The  promise  of  presence  is  that 
users  can  reach  others  instantly  re¬ 
gardless  of  location  of  either  party 
over  a  variety  of  media,  including 
chat,  video  and  wireless  or  tradition¬ 
al  voice.  Also  possible  will 
be  technologies  such 
as  spontaneous 
audio-  and  video- 
conferences. 

“For  us,  the  tech¬ 
nology  has  become  a 
valuable  tool,  not  just  for 
instant  messaging  but  for 
things  like  application  shar¬ 
ing  and  whiteboard  func¬ 
tionality”  says  Nicole 
Picciotta.CIO  at  Shaw  Pitt¬ 
man,  a  Washington,  D.C., 
law  firm  that  uses  IBM 
Lotus’  Sametime  collabora¬ 
tion  tools  injected  with 
presence. 

Many  industry  watchers 
predict  that  once  presence 
technology  breaks  free  of 
its  instant-messaging  confines 

and  moves  further  into  IP  telephony  and  other  areas,  it 
could  become  an  even  more  powerful  antidote  to  cor¬ 
porate  communication  hindrances. 

Adding  presence  does  not  alter  corporate  networks 
dramatically. You’ll  have  to  address  the  bandwidth 
needed  to  support  multimedia.You’ll  also  need  to 
deploy  some  type  of  server  software,  usually  a  messag¬ 
ing/presence  server  that  provides  the  messaging  relay 
security  and  storage  for  clients. 

You  have  a  choice  of  stand-alone  presence  software 
from  companies  including  Bantu,  Dynamicso ft,  Face 
Time  Communications,  NotePage  and  Vayusphere. 
Meanwhile,  some  larger  vendors  are  bundling  these 
capabilities  with  collaboration  tools.  Examples  of  the 
latter  include  IBM  Lotus  with  its  Sametime  software 
and  Microsoft  in  .Net  Server,  industry  watchers  say. 

“The  breadth  of  possibilities  here  are  what  makes 
this  pretty  exciting. The  technology  that  is  now  used  in 
applications  offered  by  AOL  or  Yahoo  are  only  the  tip 
of  the  iceberg,”  says  Jonathan  Rosenberg,  chief  scien¬ 
tist  at  Dynamicsoft  and  co-author  of  the  IETF’s  Session 
Initiation  Protocol  (SIP)  standard. 

A  SIMPLE  presence 

SiPa  signaling  standard  for  setting  up  and  managing 
communications  sessions  between  different  medians 
one  of  two  key  protocols  for  presence. The  other  is  SIP 
for  Instant  Messaging  and  Presence  Leveraging  Exten¬ 
sions  (SIMPLE),  now  progressing  as  a  uniform  way  to 
add  presence  to  those  capabilities  (but  not  yet  a  for¬ 
mal  IETF  standard). The  growing  support  for  these  pro¬ 
tocols  is  among  the  indicators  that  next-generation  in¬ 
stant  messaging/presence  soon  will  take  off,  Rosen¬ 
berg  and  others  say. 

One  example  is  AOL’s  willingness  to  use  SIMPLE  for 


Just  as  text-based  instant 
messaging  begins  to  storm  the 
enterprise,  its  next  incarnation  - 
presence  networking  - 
takes  shape. 

interfacing  its  mammoth  instant  messaging  service 
offering  with  messaging  plays  from  other  vendors. 
Another  is  the  recent  designation  of  SIP  as  a  call-con 
trol  standard  for  3G  wireless  networks  by  major  wire¬ 
less  standards  bodies  including  the  Third 
Generation  Partnership  Project,  Rosenberg  says. 

More  indicative  yet  is  Microsoft’s  decision 
to  bundle  SIP  support  in  its  Windows  XP 
operating  system  to  enable  PC-to-phone 
voice  capabilities,  he  says.This  will  let  users 
build  APIs  into  XP  that  would  inject  presence 
capabilities  into  voice  and  video  applications. 

But  instant  messaging’s  thrust  into  voice  com¬ 
munications  will  not  be  without  its  challengers, 
says  Henry  Seinrich,  distinguished  member  of  engi¬ 
neering  at  WorldCom. 

“The  real  barrier  is  that  legacy  telecom  vendors 
are  resisting  this  tooth  and  nail, since  it  would  make 
their  industry  base  obsolete,”  Seinrich  says.  He  refer¬ 
ences  reluctance  among  the  PBX  and  IP  PBX  or  soft 
switch  sectors,  which  he  says  are  resistant  to  the 
idea  of  presence-based  telephony  services. 

Yet  other  vendors,  including  Nortel,  have  em¬ 
braced  SIP  Nortel  has  included  SIP  logic  into  its 
Succession  line  of  application  servers,  which  will  let 
service  providers  extend  presence-based  IP  services 
to  users.  Nortel  also  supports  SIP  in  its  Succession 


products  for  corporations. 

Another  challenge  is  habit  and  cultural  resistance, 
users  say 

“There  are  some  audio  capabilities  built 
into  Sametime,  but  we’ve  not  really  moved 
away  from  everyday  phone  calls,’ ’Shaw 
Pittman’s  Picciotta  says. 

For  Boston  public  relations  firm  Pbrter 
Novelli.the  wholesale  swapping  of 
phones  for  instant  messaging  has  so  far 
come  only  in  extreme  circumstances. 
“When  Sept.  1 1  struck,  we  benefited  from 
the  fact  that  we  had  been  deploying  [in¬ 
stant  messaging]  and  awareness-based 
tools  because  of  our  need  to  stay  fluid  in 
terms  of  location  and  to  reach  our  client 
base,”  says  Bob  Elloyan,  direc¬ 
tor  of  enterprise  technology. 
Several  months  ago 
Porter  Novelli  started  a 
more  formal  campaign 
to  include  its  clients  in 
the  use  of  presence- 
infused  collaboration 
tools.  Using  Sametime, 
which  supports  SIP  and 
SIMPLE,  the  firm  has  in¬ 
cluded  clients  in  online 
collaborative  workspaces 
and  calendar-sharing  exer¬ 
cises  to  increase  the  re 
sponsiveness  and  avail¬ 
ability  of  public  rela¬ 
tions  representatives. 
Making  those  account 
members  available  in 
real  time  is  the  next 
step,  Elloyan  says. 

The  step  beyond  that 
would  be  to  harness  this  efficiency  to  business 
objectives  —  a  move  that  will  likely  serve  to  further 
distance  presence  from  its  instant-messaging  roots, 
most  agree. 

Users  such  as  Porter  Novelli  are  interested  in  how 
presence  might  hold  the  ultimate  promise:  competi¬ 
tive  advantage.“Never  mind  that  employees  have 
awareness  capabilities,”  Elloyan  says.“Our  clients 
need  to  know  where  their  account  team  is  and  have 
instant  access.” 

Jones  is  a  freelance  writer  in  Vienna,  Va.  She  can  be 
reached  at  jjwriterva@aol.com. 


PRESENCE 

SERVER 


. . .  of  your  vendor  of  presence  server  or 
messaging  software 

•  On  which  part  of  your  product  suite  do  you  support 
presence? 

•  Are  your  presence  products  open  and  inter¬ 
operable  with  the  IETF’s  SIP  and  SIP  for  Instant 
Messaging  and  Presence  Leveraging  Extensions 
specifications? 

•What  security  mechanisms  are  available  in  your 
presence  software? 

•  In  particular,  do  you  support  encryption? 

•  Can  I  add  applications  onto  a  proposed  messaging 
product,  and  can  I  tailor  those  applications  to  a 
department  or  business? 
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Experio  is  a  global  IT  consultancy  and  unit  of  Hitachi  Ltd.  Efexpeno 

Shoreline  supports  the  company  with  an  integrated  IP 

voice  system  linking  800  users  and  18  Experio  offices  throughout  the  U.S. 


Per  Site  Aquisition  Costs 


SHORELINE  LEGACY  PBX  NET  SAVINGS 


Your  existing  phone  system  is  costing  you  more  money 
than  you  think.  To  learn  how  a  Shoreline  IP  Voice  System  can  drastically 
reduce  your  company  phone  expenses  while  adding  more  features  and  solid 
reliability,  call  1-877-80SHORE  or  visit:  http://savings.goshoreline.com 


Si. 6  million. 

( and  counting) 


Equipment  Network  Upgrades 

$30,000 

$60,000 

$30,000 

Installation  -  Hard  Costs 

$0 

$1,700 

$1,700 

Total  Per  Site  Aquisition  Costs 

$30,000 

$61,700 

$31,700 

Total  Aquisition  Costs  (XI 6) 

$480,000 

$987,200 

$507,200 

Annual  Costs 

Management 

$39,600 

$72,000 

$32,000 

Maintenance  (Based  on  10.1%) 

$48,480 

SI  79,780 

$an  ann 

Long  Distance   

$30,000 

$T5L0QQ 

$121,700 

TCO  Per  Year 

$118,080 

$352,280 

$234,200 

Total  Savings  Over  5  Years 

$1,678,200 

“ Shoreline  reduced  our  system  acquisition  and 
installation  costs  by  more  than  $500K,  and 
helped  us  reduce  our  ongoing  voice  network 
expenses  by  more  than  $200K  per  year” 

Michael  Shisko,  IT  Director,  Experio  Solutions 


Robust  IP  Phone  Systems 


©  Copyright  2002  Shoreline  Communications  and  the  Shoreline  Communications  logo  are  registered  trademarks  of  Shoreline  Communications  h- 


A  new  breed  of  security  tools  for  stopping  intruders  shows  promise,  but  can’t  be  entirely  trusted  yet. 


.  ntrusion  prevention 
seems  the  next  logical 
™  step  in  enterprise  secu¬ 
rity.  Turning  the  intrusion-detec¬ 
tion  systems  developed  for 
spotting  attacks  into  more  use¬ 
ful  products  that  stop  intruders 
cold  might  even  be  considered  a 
no-brainer. 


One  thing  is  for  certain,  intru¬ 
sion  prevention  is  creating  more 
them  a  little  buzz  among  security 
watchers  these  days.  Start-ups 


Bif.JajasLnM-Cjunjn.Ln.gs 

need  ironing  out.  Intrusion-prevention  vendors 
have  to  find  a  way  to  eliminate  false  positives,  and 
they  have  to  figure  out  how  to  run  the  devices 
inline  without  creating  network  bottlenecks.  Plus, 
the  technology  needs  legitimization. 

The  latter  will  come  once  big  players  such  as 
Cisco,  Computer  Associates  and  IBM  jump  into  the 
market  —  by  grabbing  up  the  start-ups,  of  course, 
Pescatore  says.  This  in  turn,  will  get  the  attention 
of  security  vendors  such  as  Check  Point  Software, 
Internet  Security  Systems  (ISS)  and  Trend  Micro  — 
which  lead  the  firewall,  IDS  and  antivirus  markets 
today.  Such  established  security  vendors  will  be  at 
risk  if  they,  too,  don’t  eventually  move  into  intru¬ 
sion  prevention,  he  says. 

A  thorny  problem 

But  the  big  players  probably  won’t  make  a  move 
till  the  start-ups  work  out  the  technology  kinks. 
Configuration  rest  far  too  heavily  on  manual  inter¬ 


related  story,  page  76). 

False  positives  are  thorns  in  the  sides  of  so  many 
traditional  IDSs  because,  if  improperly  configured, 
they  will  register  attacks  as  legitimate  even  if  those 
attacks  have  no  bearing  on  the  network.  For  exam¬ 
ple,  an  IDS  on  a  network  of  Apache  Web  servers 
must  be  told  not  to  register  attacks  to  Microsoft 
Internet  Information  Server,  otherwise  it  will  issue 
an  alarm  when  it  sees  an  IIS  attack.  Similarly,  IDS 
must  be  updated  with  patch  information  when  a 
flaw  is  fixed.  If  it  isn’t  updated,  the  IDS  will  set  off 
an  alarm  if  it  registers  attacks  against  that  flaw, 
even  if  the  flaw  has  been  patched. 

False  positives  from  an  IDS  are  irritating,  because 
they  can  quickly  swamp  the  network  with  nearly 
constant  alerts.  But  they  can  be  downright  disas¬ 
trous  from  an  intrusion-prevention  tool. 

Say  your  intrusion-prevention  tool  flags  legitimate 
traffic  as  malicious,  a  false  positive  that  happens  at 
times  when  IDSs  are  set  to  look  for  traffic  anom- 


are  to  thank  for  the 
excitement. 


vention  and  the  administrator’s  configura¬ 


tion  skills  (see 


“We’re  seeing  these  little 
companies  coming  up  with 
innovative  techniques  that 
threaten  the  older  established 
markets,”  says  John  Pescatore, 
research  director  for  Internet 
security  at  Gartner. 

In  the  offing  are  tools  that 
meld  the  best  of  firewall,  IDS, 
antivirus  and  vulnerability- 
assessment  technologies  with 
the  intent  of  preventing  attacks 
automatically.  The  emphasis  is  on 
the  automation,  Pescatore  says. 

..  “If  the  intrusion-detection  func 
lion  or  the  antiviral-detection  func 
tion  stiys  this  is  an  attack,  and  the 
vulnerability-assessment  function 
confirms  that  the  network  is  vulner 
able;  to  that  attack,  the  firewall 
blocks  it  or  shunts  the  packet  off  to 
some  safe  destination,  thwarting  the 
attack,”  he  explains. 

Sounds  good.  But  before  such  a  sce- 
nark>  can  occur,  two  big  problems 


Start-ups  tackle 
intrusion  prevention 


Sometimes  a  valid  business  transaction  may  act 


like  an  attack,  ’  says  Van  Nguyen,  director 


See  Intrusion,  page  SO 


Here  is  a  sampling  of  start-ups  combining  the  capabilities  of  previously  separate  security  tools  to 
detect  and  block  intrusions  before  they  hit  the  network.  All  claim  to  work  inline  at  wire  speed. 


UZ. 
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Vendor 


Product 


Capabilities: 
Firewall/IDS/antivirus/ 
vulnerability  assessment 


Processor  Top  speed  Differentiator 


IntruVert 

Networks 

www.intruvert. 

com 

IntruShield  4000 

Availability:  Now 
Pricing:  $100,000 

Yes/yes/future/future 

Intel 

2G  bit/sec 

Signature  detection;  anomaly  detection; 
DoS  detection;  ability  to  set  up  virtual 
IDS  domains  for  protecting  specific 
network  segments  or  user  departments. 

i  Pol  icy 
Networks 

www.ipolicy 

networks.com 

lpEnforcer6000 
Availability:  Now 

Pricing:  Starts  at 
$125,000 

Yes/yes/yes/04 

Intel 

4G  bit/sec 

Modular  design;  can  run  seven  security 
applications  simultaneously;  auto 
downloads  latest  signatures;  previously 
focused  on  the  carrier  market  but  now 
targeting  corporate  accounts. 

OneSecure 

www.one 

i- 

OneSecure  Intrusion 
Detection  and 
Prevention  System 

Availability:  Now 

Pricing:  Starts  at 
$16,500 

Yes/yes/yes/future 

Intel 

1G  bit/sec 

Traffic-specific  attack  detection 
limits  false  positives;  uses  several 
detection  mechanisms,  including 
protocol  anomaly,  traffic  anomaly 
and  stateful  signatures. 

■  TippingPoint 

M  Technologies 

■  www.tipping 

K  point.com 

UnityOne 

Availability:  Now 
Pricing:  $100,000 

Future/yes/yes/yes 

Vendor- 

engineered 

2G  bit/sec 

Application-specific  processor 
enhances  speed;  integrated 
vulnerability  assessment  reduces 
false  positives;  auto  downloads 
latest  signatures. 
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Systems  Integrati 


La-Z-Boy®  thought 
managing  its  servers 
would  never  be  simple 


Outsourcing 


Infrastructure 


Server  Technology 


Consulting 


Imagine  it. 

.  M  •/  ;  5-  *  ■ 

Fighting  complexity.  Scaling  up  with  simplicity. 

The  IT  team  at  La-Z-Boy  Incorporated  experienced 
an  explosion  of  servers  and  applications.  One 

bob  j .  ■  I  -  r  |  1  ^ 

Unisys  ES7000  enterprise  server  simplified  man- 

offered 


agement  to  a  standardized  platform  and 


Done. 

.  (  .5  >•  f  _r_ 

Today  the  Unisys  ES7000  family  of  enterprise 

/  j  »  |  " 

servers  comes  with  true  self-managing,  self-healing 

-  .  --  ;>  r  x  •  \  . 

systems  to  harness  the  massive  power  of  up  to 

\  *  i  -  •  S  2  * 

32  Intel®  Xeon™  processors.  It  can  also  help 
simplify  your  operations  through  standardization 

on  Microsoft15'  Windows"1  2000  Datacenter 

« 

Server.  What’s  more,  it  comes  with  oUr  people, 
who  know  that  the  less  complexity  you  have  to 
manage,  the  more  you  can  accomplish. 


Server  Technology  with  precision  thinking, 
relentless  execution  to  drive  your  vision  forward 


Imagine  it.  Done 


©  2002  Unisys  Corporation  Unisys  is  a  registered  trademark  ot  Unisys  Corporation.  tnteUthg., 
Intel  Inside  logo,  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Cprpgf'tifigffc 
its  subsidiaries  m  the  United  States  and/or  other  countries.  ©  2002  MidfOsott'Cgrpc^atid^BSt 
rights  reserved.  Microsoft.  Windows  and  the  Windows  logo  are  either- registered  'tradBijiamSM 
trademarks  ot  Microsoft  Corporation  in  the  United  States  and/or  other  c6untrjdsCi-ffi&/r//fy 


\\  S'  *■! 


VV. 


' 


jm 


M 


EQUINOX 


Sandstorm  Enterprises,  Inc. 
Netlntercept 

(617)  426-5056 
www.sandstorm.net 

Sandstorm's  Netlntercept®  is  an  advanced 
network  forensics  analysis  tool.  Capture 
and  archive  network  traffic,  reassemble 
TCP  streams  into  sessions,  and  drill  down 
through  multiple  layers  of  encryption,  com¬ 
pression,  and  transfer  encoding. 
Netlntercept  parses  over  80  types  of  data 
streams,  including  common  productivity 
software  and  multimedia  file  formats. 
Discover  employee  abuse,  monitor  network 
use,  detect  anomalies,  and  assess  network 
risks.  Download  our  FREE  whitepaper! 
Prices  start  at  $7,500. 


APC 

PowerStruXure 

(800)  890-4272,  x2484 

www.apcc.com/go/promo/powerstruxure 

APC’s  PowerStruXure  is  an  entirely  new 
approach  to  data  center  support  that  sim¬ 
plifies  the  design,  building  and  management 
of  physical  infrastructure  with  an  innova¬ 
tive,  fully  engineered  and  tested  system.  The 
three  initial  core  solutions  that  comprise 
PowerStruXure  are  a  modular,  scalable, 

N+1  redundant  uninterruptible  power  supply 
(UPS);  zoned,  intelligent  power  distribution; 
PDU;  and  a  next  generation  rack  enclosure. 


an  Avocent  Company 


W  O 


Equinox 

Network-Based  Serial  Connectivity 
Products 

(800)  275-3500 
www.equinox.com 

Equinox  develops  and  markets  high- 
performance,  reliable  and  cost-effective 
serial  connectivity  products.  The  Equinox 
SuperSerial  product  line  provides  the  per 
feet  serial  connectivity  solution  for 
Retail/POS,  Access  Control,  Secure 
Console  Port  Access,  Process  Control, 
Industrial  Automation,  Dial  Access  and  a 
wide  variety  of  custom  applications. 


•V»Boson 

•  •  Software 


Boson  Software,  Inc. 

(813)  925-0700 
www.boson.com 

Here  you  will  find  some  of  the  finest  training 
materials  and  technical  practice  tests  in  the 
industry.  Get  hands-on  experience  with 
Boson's  advanced  Cisco  Router  Simulator 
and  Multimedia  eBook  products.  All  Boson 
Software  products  are  covered  by  a  100% 
Satisfaction  Money  Back  Guarantee. 


AppDancer  Networks,  Inc. 
AppDancer/RV;  AppDancer/FA 
(770)  643-6800 
www.AppDancer.com 

AppDancer  Networks  manufactures  new 
easy-to-use  application-centric  network 
monitoring  and  flow  analyzer  tools. 
AppDancer  products  monitor  critical  net¬ 
work  applications,  including  email,  web,  ftp, 
database,  and  VoIP,  and  create  unique  diag¬ 
nostic  views  of  client-server  conversations. 
Resolve  problems  quicker  and  enhance 
application  performance  with  AppDancer 
software.  The  future  is  now  at  AppDancer 
Networks! 


CL 

O 

I 
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All  efforts  have  been  made  to  make  this  listing  as  complete  and  accurate  as  possible.  Network  World  is  not  liable  for  errors  or  omissions. 
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Reading  someone  else’s 
copy  of  Network  World? 

Apply  for  your  own 
Free  subscription  today. 


Ititirop  trpdrn  ■  .... 


itwor 


Put  to  the  test 


IP  telephony  talk 

zeroes  in  on  SIP  — ... 

New  formula  for  apps  access 


Free  subscription 

(51  Issues) 

To  apply  online  go  to 

subscribenw.com/b02 


subscribenw.com/  b02 

Apply  for  your 

free 

subscription  today! 

(A  $255  value  -  yours  free) 


(866)  TRY-GLCC  (879-4522) 
www.werackyourworld.com 

The  GL840ES-2942  rack  cabinet  is  designed  to 
accept  any  combination  of  multi-vendor  rack 
mounted  servers,  including  the  111  "pizza  box" 
servers  and  the  blade  server  chassis.  The  infi¬ 
nitely  adjustable  rails  can  accept  all  major 
manufacturers’  servers,  as  well  as  the  most 
popular  111  and  Zero-U  PDU's. 


includes  new  Windows  3.0  CE  board  with  a 
400  MHz  processor,  64MB  of  on-board  storage 
and  additional  64MB  of  file  storage. 
Standards- based  network- ready  projector 
includes  TCP/IP,  HTTP,  optional  10  Base-T/100 
Base-T  Ethernet  Network  Interface  Card  and 
a  PCMCIAType  II  slot  for  IEEE  802.11b  wire¬ 
less  network  connection.  Customizable  IP 
address;  connected  wired  or  wirelessly;  offers 
full  Internet  browsing  and  can  be  programmed 


imiim 


F5  Networks 
(206)  272-5555 
www.f5.com 

F5  Networks  provides  the  industry’s  leading 
set  of  integrated  products  and  services  that 
manage,  control  and  optimize  Internet  traffic 
delivery.  Our  solutions  automatically  and 
intelligently  deliver  the  best  possible  Internet 
performance  and  availability  for  service 
providers,  enterprises  and  e-businesses. 


to  send  text  messages  to  a  technician’s  e-mail 
account,  pager  or  cellular  phone. 


Ositis  Software 
SiteStripper 
(925)  225-8900 
www.ositis.com 

SiteStripper  is  a  transparent  bridge  allowing 
you  to  enforce  Web  usage  policy,  recapture 
bandwidth  and  limit  company  liability. 


Digital  V6 
(905)  513-3107 
www.digitalv6.com 

Digital  V6  Corp.  specializes  in  developing 
innovative  remote  network  management 
hardware  and  software  solutions.  Digital  V6 
was  the  first  to  introduce  an  over  IP  KVM 
device  with  automatic  server  monitoring, 
notification  and  remote  power  control, 
known  as  the  Kaveman.  Available  in  single 
and  eight  channel  versions,  Kaveman  gives 
network  administrators  complete  remote 
control  of  servers  via  a  web  browser,  down 
to  the  BIOS  level. 


£LRON 

SOFTWARE 

Elron  Software,  Inc. 

Web  Inspector,  Message  Inspector 
(800)  767-6683 
www.elronsoflware.com 

Elron  Software  provides  a  family  of  security 
solutions,  including  IM  Message  Inspector 
for  web  access  control,  IM  Web  Inspector 
for  email  content  filtering  and  IM  Anti-Virus 
for  virus  protection.  These  award-winning 
solutions  enable  organizations  to  monitor 
and  manage  employee  web  and  email  usage 
while  minimizing  the  risks. 
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people  side  of  prevention 


%  .New  intrusion-prevention  technology  is  cool,  but  it's  nothing  without  great  technologists  backing  it  up 

The  buzz  around  network  intrusion  prevention  is  a  today’s  corporate  environments. 

"lot  like  that  surrounding  airport  security  after  Sept. 

>'  1t:Ttie  jieed  is  critical,  and  everyone  wants  a  high- 
X-^tjBCh  ■■ 

•  ; :  ‘‘You  want  (to^be  able  to  waik  from  your  car,  onto 

*  the  plane,  .without  Having  to  be  frisked  or  ques- 
^:  :^ioned,"' say's  "Greg  Hinkel,  technology  lead  for  com- 
-  “fp.uter  security  at-Oak  Ridge  National  Laboratories, 

b  Department  of  Energy  national  laboratory  in  Oak 
Ridge,  Tenn.  "Most  people  want  all  the  detection  to 
•  be  automated  and  done  while  they’re  walking  in." 

.Vr  But  the  most  secure  airlines  rely  far  more  on  peo- 
/  pie  than  automation,  he  says.  “The  Israeli  airlines 
have  people  who  interview  passengers  and  ask  them 
,a  lot  of  questions.  By  interviewing  their  customers, 

"  they  can  pick  out  anomalies  in  behavior.  Well-trained 
people  will  ferret  out  far  more  breaches  than  the  lat¬ 
est  X-ray  machines  or  what  have  you,  and  that’s  also 
true  of  network  intrusion  prevention." 

But  keeping  skilled  people  in  the  thankless  job  of 
network  security  is  a  tall  order,  says  Steve  Crutchley, 
founder  of  4Front  Security,  an  international  security 
consultancy.  “The  average  tenure  for  a  security 
staffer  in  the  U.S.  is  just  18  months  now,”  he  says, 
pointing  to  a  statistic  many  attribute  to  the  lack  of 
awareness  and  respect  for  computer  security  in 


»  information  officer  that  the 

board  fired  didn't  under- 
Jt _ _ stand  the  system  and 

he says- 

Few  organizations 
IB  tru|y  understand  the 

I  Ullll  - jgJttt.  I  'mP°rtance  °f  hiring, 

training  and  keeping 
competent 

personnel.  “They  put  guys 
in  a  security  department  who  really  have  no  skills," 
Crutchley  says.  "If  you're  thrown  into  a  security  envi¬ 
ronment  and  just  told  to  get  on  with  it,  you're  going  to 
play,  make  mistakes  and  potentially  put  your  organi¬ 
zation  at  risk  while  you  learn  on  the  job.  And  that's  no 
way  to  protect  a  business." 

What  this  means  for  intrusion  prevention,  Hinkel 
says,  is  the  technology  is  backed  up  with  highly 
trained  people  who  can  do  the  assessment,  patches 
and  alarm  correlation,  decipher  the  logs  and  actually 
deter  intrusions.  "We  need  good  boxes  automating 
what  they  can,”  he  says,  "but  it's  only  with  good  peo¬ 
ple  using  the  tools  that  you  get  the  best  outcomes." 

—  Joanne  Cummings 


Damned  if  you  do .. .  W 

The  only  way  to  measure  prevention  success  j| 
is  by  a  dearth  of  incidents,  something  that  jpi 
over  time  can  make  security  investments  iB| 
seem  like  overkill,  says  David  Piscitello,  /*§» 
president  of  consultancy  Core 
Competence. 

He  offers  the  scenario  of  a  security  infor¬ 
mation  officer  who  works  at  a  large  corporation 
that  spends  $25  million  per  year  on  security.  He  has 
used  that  budget  well,  implementing  security  tech¬ 
nologies  that  have  buttoned  up  the  company  against 
any  attacker.  But  without  incidents  to  report  —  look, 
here’s  why  we  need  security  —  he  can't  justify  his 
budget  to  the  satisfaction  of  business  executives. 

“The  poor  security  administrator  has  to  talk  for  30 
minutes  justifying  the  expense,  knowing  full  well  that 
no  one  else  in  the  room  has  a  clue  about  what  he's 
said,"  Piscitello  says.  “And  at  the  end,  they  say,  ‘Well 
that  doesn’t  sound  like  it's  worth  $25  million.  We’re 
going  to  cut  your  budget  30%.'  " 

When  the  company  is  hacked  three  months  later,  it 
soon  becomes  clear  why,  he  says.  "Unfortunately,  the 
guy  they  hired  to  replace  the  $250,000-a-year  security 
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Cost  of  Implementation 


SiteStripper 


A  transparent  bridge  that  removes  undesirable  websites  at  the  network  gateway. 


Proven  Technology 

♦  Partnership  between  Ositis  and  Secure  Computing 
provides  state  of  the  art  technology 

♦  OSAP  (Ositis  Security  Appliance 
Platform)  provides  a  stable  platform 
for  delivery  of  security  solutions 


1  SMARTFILTER 


Reduce  Cost 

♦  Increases  bandwidth  by  limiting  personal  downloads  and  surfing 

♦  Limits  legal  liability  by  prohibiting  access  to  objectionable  websites 

♦  Improves  employee  productivity  by  enforcing  web-usage  policies 


High  Availability 


♦  Load  balancing/redundant  units 

*  Automatic  updates  of  the  SmartFilter  URL  List  via  the  Internet 

4  Multiple  layers  of  software  and  hardware  monitoring  ensure 
stability  and  reliability 


T  msparent  antivirus  appliance  also  available.  See  AVStripper™  on  our  website  -  www.0sitis.com 


Powering  Internet  Managements*  888-946-7769  ♦  www.ositis.com/sitestripper 

,  i  end  '  A«nng  internet  Management  are  registered  trademarks  or  trademarks  of  Ositis  Software,  Inc  SmartFilter  and  Secure  Computing  are  trademarks  of  Secure  Computing  Corporation. 


SiteStripper  transparent  bridge 
$120 


Total  implementation  time  2  hours 


Proxy-based  gateway  solution 
I  $3,000 


| Total  implementation  time  50  hours 

Figures  based  on  cost  of  single  technician  $60/hour. 
Assumes  time  to  configure  one  computer  is  15  minutes, 
and  there  are  200  individual  computers  on  the  network. 


WIRELESS  E-MAIL 


BUILT  AROUND 
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XPRESS  MAIL5”  FROM  CINGULAR. 


Whatever  the  size  of  your  company,  Cingular  Wireless  offers  a  robust 
portfolio  of  Xpress  Mail  solutions  that  offer  on-the-go  access  to  your 
vital  corporate  information.  The  best  part  of  our  solutions?  Each  one 
is  simple  to  use  and  easy  to  manage. 


Xpress  Mail  Network  Edition  is  also  easily  deployable,  eliminating  the 
need  for  software  or  hardware  installation  while  maintaining  control 
and  security.  The  solution  works  over  a  wide  array  of  phones  and 
devices  so  you're  connected  to  your  corporate  e-mail  in  real-time. 
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Our  new  Xpress  Mail  GoodLink  Edition  provides  a  synchronized  wire¬ 
less  connection  with  Microsoft  Exchange  Server*,  so  you're  always  up 
to  speed  with  the  ability  to  read  and  view  attachments  on  the  go. 
Additionally,  with  our  "touch-it-once"  simplicity,  any  updates  on  your 
wireless  handheld  are  mirrored  on  the  desktop. 


Cingular  provides  wireless  voice,  data,  e-mail  and  interactive  services 
to  almost  half  the  Fortune  1  000.  With  nearly  1 0  million  e-mails  securely 
sent  over  the  Cingular  network  each  day,  you  can  trust  Cingular  to 
handle  your  business  needs.  Call  1-877-330-7577  or  visit  us  online  at 
cingular.com/business. 


X  cingular 

WIRELESS 
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What  do  you  have  to  say? 


1  -877-330-7577  www.cingular.com/business 


The  Network  that  powers  Wall  Streepu 

SAVVIS 

Intelligent  IP  Networking 

(800)  SAVVIS-1 
www.savvis.net 

SAVVIS,  known  as  “The  Network  that 
Powers  Wall  Street"sm,  is  a  global  managed 
service  provider  that  delivers  IP  VPNs, 
managed  hosting  and  Internet  services  to 
medium-sized  enterprises  and  the  financial 
services  market.  SAVVIS  was  ranked  the 
eighth  fastest-growing  technology  company 
in  North  America  on  the  2001  Deloitte  & 
Touche  Technology  Fast  500. 


Research  In  Motion  (RIM) 
BlackBerry  Wireless  Solution 
(519)  888-7465 

www.rim.com  and  www.blackberry.com 

Research  In  Motion  Limited  is  a  leading 
designer,  manufacturer  and  marketer  of 
innovative  wireless  solutions  for  the  mobile 
communications  market,  such  as 
BlackBerry™.  BlackBerry  is  the  wireless 
enterprise  solution  that  keeps  teams  con¬ 
nected  to  people  and  information  while  on 
the  go.  Designed  specifically  for  the  enter¬ 
prise,  BlackBerry  is  a  totally  integrated 
solution  that  includes  advanced  wireless 
handhelds  with  optional  data  and  phone 
services;  software  that  integrates  seam¬ 
lessly  with  Microsoft®  Exchange  and 
Lotus®  Domino™;  a  powerful  platform 
based  on  open  standards;  and  end-to-end 
security  with  Triple  DES  encryption. 


Global  Technology  Associates 
RoBoX  Firewall  Appliance 
(407)  380-0220 
www.gta.com 

The  RoBoX  Firewall  Appliance  is  GTA's 
remote  office/branch  office  firewall.  With 
three  fully  configurable  10/100  Ethernet  con¬ 
nections  and  10,000  concurrent  sessions, 
the  RoBoX  offers  more  power  and  flexibility 
than  comparable  appliances.  Based  on  the 
proven  ICSA  certified  GNAT  Box  system 
software,  the  RoBoX  features  include  trans¬ 
parent  NAT,  stateful  packet  inspection, 
built-in  IPSec  VPN,  and  content  filtering  — 
all  packed  in  a  6"  square  case.  Big  security 
in  a  small  box. 


Xtas 


Xterasys  Corporation 
SoGate 

(877)  Xterasys  or  (877)  983-7279 
www.xterasys.com 

Xterasys,  a  global  provider  of  network  solu¬ 
tions,  is  focused  on  advancing  the  state  of 
the  art  in  digital  communications.  Xterasys 
currently  offers  Small  Office  solutions 
including  wired  and  wireless  LAN  and  WAN 
products.  More  information  on  Irvine, 
California  based  Xterasys  can  be  found  on 
the  World  Wide  Web  at  www.xterasys.com. 


All  efforts  have  been  made  to  make  this  listing  as  complete  and  accurate  as  possible.  Network  World  is  not  liable  for  errors  or  omissions. 
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western  telematic  incorporated 


Raritan  Computer,  Inc. 

Paragon  UMT2161 
(732)  764-8886 
www.raritan.com 

Raritan’s  new  Paragon  UMT2161  is  a  2  user, 
16  port  Matrix  Switching  Unit  specifically 
designed  to  bring  Paragon  Power  to  small 
to  mid-sized  data  centers  and  server  rooms. 
Paragon  UMT2161  has  all  the  benefits  of 
the  Paragon  family  of  enterprise-class  KVM 
solutions  including  Cat5  UTP-based 
enhanced  cable  management,  extended 
access  distances,  modular  architecture  and 
easy  expandability  —  all  at  an  entry-level 
price  of  $2,000. 
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Avocent  Corporation 
(256)  430-4000 
www.avocent.com 

Avocent's  new  AutoViewlOOOR  and  2000R 
combine  analog  and  digital  KVM  OVER  IP™ 
switching  technology  all  in  one  switch  for 
total  control  of  any  server.  AVWorks  soft¬ 
ware  is  bundled  with  each  switch  at  no 
extra  charge,  providing  customers  with  an 
intuitive  interface  for  secure  click  and  con¬ 
nect  access  to  any  server. 


Wave  Wireless  Networking 
SPEEDLAN  9000 

(800)  721-9283/(941)  907-2300 
www.wavewireless.com 

Stop  throwing  money  away  on  recurring 
leased  line  charges!  SPEEDLAN  9000  gives 
you  the  power  to  deploy  a  star,  mesh  or  a 
point-to-point  wireless  building-to-building 
network  as  little  as  one  afternoon.  SPEED¬ 
LAN  mesh  technology  even  helps  to  route 
signals  around  obstructions  like  hills,  trees 
or  larger  buildings.  The  platform  features  an 
IIMb/s  radio  operating  at  2.4  GHz,  NAT  and 
DHCP  server/client,  RIP  2,  AES  encryption, 
and  includes  GUI  based  centralized  man¬ 
agement  software. 


Western  Telematic,  Inc. 

(949)  586-9950 
www.wti.com 

Western  Telematic,  Inc.  (WTI)  is  an  industry 
leader  in  designing,  manufacturing  and  mar¬ 
keting  of  data  connectivity  solutions.  WTI's 
current  product  offering  includes  the 
NetReach  line  of  remote  site  management 
hardware.  The  products  consist  of  cost- 
effective  terminal  server  alternatives,  Telnet 
and  dial-up  network  power  switches  and 
secure  modems  for  remote  dial-up  manage¬ 
ment.  In  1975  long  time  company  executive, 
David  Morrison,  took  over  as  President.  Mr. 
Morrison  continues  to  successfully  guide 
WTI  through  its  cutting-edge  commitment 
to  research  and  development. 


All  efforts  have  been  made  to  make  this  listing  as  complete  and  accurate  as  possible.  Network  World  is  not  liable  for  errors  or  omissions. 


’?  /  NfCtiuaxJf-  WasJjL  Suyi-aTurti  Sbtjbk,  9/23/02  Th  m  Ruz*  Ibsus  111111111  niuFuBinn  nnm/huzz  77/7/77/ 


pies  a  valid  business  transaction  may 
an  attack  ...  I  definitely  would  not  want 
nS'.-.. .  blocking  traffic  automatically!” 


security. 


Intrusion,  continued  from  page  72 

of  global  security  at  American  Presidential 
Lines,  an  ocean  shipping  company  in 
Singapore.  He  speaks  from  experience. 

“In  the  past,  our  network-based  IDS  has 
flagged  our  back-up  software  as  a  legiti¬ 
mate  attack.  I  definitely  would  not  want 
my  IDS  sending  TCP  resets  and  blocking 
traffic  automatically!” 


Provide  blade  server 
and  application  high 
availability;  optimize 
performance  with 
BIG-IP  Blade  Controller 


Virtualize  application 
and  blade  server 
resources  to  create  a 
single  scalable  system 

Install  IP  traffic 
management  and  load 
balancing  on  all  leading 
blade  server  brands 


Ensure  correct  content 
and  applications  are 
delivered  without  fail 


Increase  flexibility 
and  economies  of  scale 
already  inherent  in 
Blade  Server  technology 

Customize  BIG-IP  to 
your  environment  easily 
with  i  Con  t  ro  lT"  API 


BIG-IP  Blade  Controller 
IP  Traffic  Management 


F5’s  award-winning  BIG-IP® software  delivers  intelligent 
traffic  management  for  IP  applications  and  services 
running  on  the  leading  blade  server  hardware,  and  it's 
perfect  for  large  enterprises  and  ISPs.  BIG-IP  provides 
application  and  server  high  availability,  security,  scale 
and  fault  tolerance  while  optimizing  the  performance 
of  individual  blades.  Plus  with  F5's  iControl™  API, 
it's  easily  customized.  Scale  up  and  out  with  BIG-IP 
and  leverage  your  investment  over  the  long  term. 
Try  the  future  now.  Download  a  full-function  30  day 
evaluation  copy  of  BIG-IP  Blade  Controller  software 
at  www.f5.com/blade  or  call  1-888-882-4447. 


RLXtechnologies 


INGRAM 


MICRO 


But  the  answer  doesn’t  lie  in  proper 
configuration  alone,  users  and  vendors 
say  Rather,  before  an  IDS  can  work  in  pre¬ 
vention  mode,  it  has  to  support  a  variety 
of  detection  techniques,  including  the  tra¬ 
ditional  signature  detection,  and  it  must 
be  fully  integrated  with  a  vulnerability- 
assessment  tool. 

And  the  start-ups  addressing  intrusion 
prevention  are  doing  just  that. Their  prod¬ 
ucts  employ  multiple  detection  tech- 
niques.such  as  signature, stateful  inspec¬ 
tion  and  protocol  anomaly.  Moreover, 
their  products  integrate  with  firewalls,  IDS 
and  vulnerability  assessment  (see  chart, 
page  72). 

In  particular,  Pescatore  points  to  devel¬ 
opments  from  IntruVert  Networks,  iFblicy 
Networks,  OneSecure  and  TippingFbint 
Technologies. 

“These  start-ups  are  charging  the  hill 
with  pretty  good  technology  approaches,” 
Nguyen  says. 

These  approaches,  the  vendors  say,  let 
them  run  inline  in  the  network,  blocking 
malicious  traffic  in  real  time. This  is  a 
marked  change  from  a  traditional  IDS, 
which  runs  passively  watching  the  network 
traffic  as  it  goes  by  and  delivering  reports 
after  the  fact  based  on  what  it  sees. 

“Inline  intrusion  detection  puts  the 
intrusion-detection  system  inline  like  a 
firewall,” says  Martin  Roesch,CTO  at  intru¬ 
sion-prevention  firm  Sourcefire  and  co¬ 
inventor  of  the  Snort  open  source  IDS. 
“The  IDS  makes  decisions  about  whether 
to  pass  packets  or  not,  much  like  a  fire¬ 
wall  but  with  the  smarts  of  an  IDS.This 
goes  beyond  basic  blocking  because  you 
actually  can  intervene  on  a  session  that’s 
been  established,  and  if  you  see  a  buffer 
overflow,  you  can  stop  it  from  completing. 
You  can  actively  prevent  attacks,”  he  says. 

Intrusion  prevention  is  similar,  but  it  also 
encapsulates  firewall,  antivirus  and  vulner¬ 
ability-assessment  capabilities. 

See  Intrusion,  page  82 


. . .  of  your  intrusion-prevention 
vendor 

•What  are  you  adding  beyond  signature- 
based  detection?  Can  you  do  stateful 
inspection  and  protocol  anomaly 
detection,  for  example? 

•  How  can  I  integrate  vulnerability 
assessment  with  your  product?  With  what 
other  security  tools  do  you  integrate? 

•  How  will  you  get  to  gigabit  rates,  and 
how  will  you  work  at  wire  speed?  How 
do  you  ensure  that  your  tool  won't  be  a 

bottleneck  in  my  network? 

•  How  financially  stable  are  you?  Can  you 
prove  you’re  prepared  to  survive  the 

current  economic  climate? 

•  Is  prevention  your  core  competency,  or 

is  it  just  an  add-on  to  your  primary 
business? 


In  the  Midst  of  the  Telecom  Storm... 

Is  your  Network  Provider  a  Safe  Harbor? 


23SAVVIS 

The  Network  that  powers  Wall  Street sm 


1-800-SAVVIS- 1 
www.  saw  is.  net/testimonials 


There  are  some  things  you  just  can’t  take  a  chance  on. .  .and  your  business  data 
communications  is  certainly  one  of  them.  Wherever  you  are,  whatever  time  it  is, 
you  need  to  know  that  your  network  is  there  when  you  need  it. 

Available.  Predictable.  Secure. 

From  Wall  Street  to  Main  Street,  SAWIS  is  the  financially  sound  choice  for  people 
who  demand  a  proactive  managed  IP  service  provider.  SAWIS  has  been  delivering 
high  performance  IP  VPN  and  managed  hosting  services  to  financial  institutions, 
professional  services  firms,  and  retail  enterprises  for  years.  And,  SAWIS  has  one 
of  the  strongest  balance  sheets  in  the  industry. 

Don’t  just  take  our  word  for  it.  Visit  our  web  site  and  discover  what  the  Chicago 
Board  Options  Exchange,  Looksmart,  the  Philadelphia  Stock  Exchange,  RM  Crowe, 
Shearman  &  Sterling,  Fitch  Ratings,  Telezoo  and  so  many  others  have  to  say  about 
working  with  SAWIS. 


Trust  the  Network  that  Powers  Wall  Street 

to  Empower  your  Business.^ 
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Intrusion,  continued  from  page  80 

The  problem  with  inline  intrusion  pre¬ 
vention  is  that  it  tends  to  become  a  net¬ 
work  bottleneck,  in  much  the  same  way 
firewalls  can  be.  All  network  traffic  needs 
to  flow  through  these  devices,  and  if  they 
don’t  operate  quickly  enough,  they  drop 
packets. 

Speed  is  a  main  criterion  for  intrusion- 


prevention  wares,  Pescatore  says.  “They 
can’t  be  the  bottleneck.They  have  to  work 
at  wire  speed,"  he  says. 

Again,  the  start-ups  appear  to  appreci¬ 
ate  that.  Most  say  their  products  work  at 
gigabit  speeds  and  are  steadily  improv¬ 
ing  performance. 

Is  it  enough? 

So  now  we  have  these  new  devices 


meant  to  limit  false  positives,  use  a  variety 
of  detection  techniques,  integrate  with  vul¬ 
nerability  assessment  and  antivirus  tools, 
and  sit  inline  and  automatically  block  int¬ 
rusions  at  wire  speed  —  at  prices  compa¬ 
rable  to  IDS.  Does  such  functionality  make 
intrusion  prevention  a  sure  thing? 

Not  likely  users  and  analysts  say 

“You  can  do  behavioral  analysis,  anom¬ 
aly  detection  and  all  sorts  of  different 


Web  Inspector 

The  Best  Choice  for  Internet  Filtering 


Protecting  your  network  is  more  important  than  ever— not  to  mention  challenging.  When  you  have  more  security  risks 
than  time  to  handle  them,  Web  Inspector  is  the  right  call  for  reliable,  hassle-free  Internet  filtering.  Whether  you  need 
to  manage  web  access  by  individual  or  group,  handle  a  team  of  50  or  50,000  or  take  advantage  of  just  a  few 
or  .  ',-00  customizable  reports,  Web  Inspector  has  it  covered.  Add  Web  Inspector  to  your  IT  game  plan  — 

cai!  8O0-7t>7-6683  for  a  free  trial  today! 
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ways  of  picking  up  traffic  on  the  network, 
but  chances  are,  there  is  always  going  to 
be  something  that  gets  by  you. They’re  not 
100%  solutions,”  Roesch  says. 

“That’s  one  of  the  risks  of  falling  for  pure 
prevention  as  a  sufficient  technique  by  it¬ 
self,"  says  Nguyen,  whose  primary  preven¬ 
tion  tool  is  NFR  Security’s  SilentRunner.a 
network  diagnostics  and  forensics  pack¬ 
age  that  provides  graphical  views  of  net¬ 
work  traffic, culled  from  IDS,  firewalls  and 
other  network  devices,  and  makes  recom¬ 
mendations  about  closing  vulnerabilities. 
“While  many  of  the  technologies  are  effec¬ 
tive,  you  are  completely  vulnerable  to  the 
things  they  don’t  stop." 

“You  can’t  just  set  the 
IDS  and  forget  it.  You 
have  to  . . .  keep  revisit¬ 
ing  it  as  things  change 
on  your  network.” 

Greg  Hinkel,  technology  lead  for 
computer  security,  Oak  Ridge 
National  Laboratories 


Greg  Hinkel,  technology  lead  for  com¬ 
puter  security  at  Oak  Ridge  National 
Laboratories  (ORNL),a  Department  of 
Energy  national  laboratory  in  Oak  Ridge, 
Tenn.,and  longtime  intrusion  detection 
and  prevention  user,  agrees.“You  can’t  just 
set  the  IDS  and  forget  it.You  have  to  tune 
it  to  your  environment,  and  then  keep 
revisiting  it  as  things  change  on  your  net- 
work.You  have  to  constantly  be  touching 
these  things,”  he  explains,  noting  that 
ORNL  uses  Snort  and  ISS’s  RealSecure 
IDS,  and  homegrown  prevention  tools  tai¬ 
lored  specifically  to  its  network. 

As  with  any  technology,  the  tool  is  only 
as  good  as  the  person  operating  it,  Hinkel 
stresses.“You  can’t  use  technology  to  solve 
everything,"  he  says.“You  have  to  take  peo¬ 
ple  into  account.  Educate  the  users,  have  a 
real  and  knowledgeable  person  studying 
the  traffic,  the  logs  and  so  on.  Know  your 
network.You  can’t  expect  some  piece  of 
hardware  to  fix  everything  for  you.” 

Cummings  is  a  freelance  writer  in  North 
Andover,  Mass.  She  can  be  reached  at 
jocummings@attbi.  com. 


More  nnlmBj 

www.nwfusion.com 

Defining  the  buzz 

We've  defined  hundreds  of  buzzwords 
and  technology  terms  for  you  in  our  new 
online  encyclopedia. 
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FLEXIBILITY 


EASE-0F-USE 


□  NO.  I’m  not  interested  at  this  time,  but  please  add  me  to  your  mailing  list 

Name:  Title: 


(888)  289-APCC  x2483 
FAX:  (401)788-2797 


Company: 

Address: 

Address  2: 

Citv/Town: 

State: 

Zip: 

Country: 

Phone: 

Fax: 

E-mail: 

Yes!  Send  me  more  information  via  e-mail  and  sign  me  up  for  ARC  PowerNews  e-mail  newsletter.  [  Key  Code  g984y  | 


APC 

Legendary  Reliability" 


What  type  of  availability  solution  do  you  need? 

n  UPS:  0-16kVA  (Single  Phase)  □  UPS:  10-80kVA  (3  Phase  AC|  □  UPS:  80+  kVA  |3  Phase  ACI 

□  DC  Power  □  Network  Enclosures  and  Racks  □  Precision  Air  Conditioning  □  Monitoring  and  Management 

□  Cables/Wires  □  Mobile  Protection  □  Surge  Protection  □  UPS  Upgrade  □  Don't  know 
Purchase  timeframe?  □  <  1  Month  □  1-3  Months  □  3-12  Months  □  1  Yr  Plus  □  Don't  know 
You  are  (check  1):  □  Home/Home  Office  □  Business  (<1000  employeesl  □  Large  Corp.  |>1000  employees! 

D  Gov'nt.  Education.  Public  Org.  □  APC  Sellers  &  Partners 
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E-mail:  esupport@apcc  com 


132  Fairgrounds  Road.  West  Kmgston,  Rl  02892  USA 


BUSINESS  REPLY  MAIL 

FIRST-CLASS  MAIL  PERMIT  NO.  36  WEST  KINGSTON  Rl 
POSTAGE  WILL  BE  PAID  BY  ADDRESSEE 

APC 

ATTENTION  CRC:  g984y 
Department:  C 
132  FAIRGROUNDS  ROAD 
PO  BOX  278 

WEST  KINGSTON  Rl  02892-9920 
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UNITED  STATES 


From  1.5kW  to  5MW,  APC  PowerStruXure™  architecture  provides  a  patent-pending, 
systematic  approach  to  building  data  center  infrastructure  utilizing  standardized, 
pre-assembled  components. 

Finally,  you  can  adapt  to  the  ever-changing  requirements  of  your  data  center,  pro¬ 
actively  manage  your  power  infrastructure,  and  increase  your  system  availability 
per  dollar. 


Best  of  all,  you  will  never  be  boxed  in  by  proprietary  solutions.  PowerStruXure  is 
vendor-neutral  and  compatible  with  all  major  server  and  internetworking  platforms. 


including  HP/Compaq,  Dell,  IBM,  Sun,  Cisco,  Lucent,  and  Nortel. 


Register  today  for  a  PowerStruXure  Executive  Breakfast 


Albuquerque,  NM 
Atlanta,  GA 

Austin,  TX 
Baltimore,  MD 
Boston,  MA 
Charlotte,  NC 
Chicago,  IL 
Cincinnati,  OH 
Cleveland,  OH 
Columbus,  OH 

Dallas,  TX 

Denver,  CO 

Detroit,  Ml 

Grand  Rapids,  Ml 
Houston,  TX 
Indianapolis,  IN 
Jacksonville,  FL 
Kansas  City,  M0 
Long  Island,  NY 
Los  Angeles,  CA 

Louisville,  KY 
Memphis,  TN 
Miami,  FL 
Milwaukee,  Wl 
Minneapolis,  MN 
Montreal,  QC 

New  Orleans,  LA 
New  York  City,  NY 
Oakland,  CA 
Orange  County,  CA 

Orlando,  FL 
Parsippany,  NJ 
Philadelphia,  PA 
Phoenix,  AZ 
Pittsburgh,  PA 
Portland,  OR 
Raleigh,  NC 
Richmond,  VA 
Sacramento,  CA 
Salt  Lake  City,  UT 

San  Diego,  CA 

San  Francisco,  CA 
Seattle,  WA 

Silicon  Valley,  CA 
St.  Louis,  M0 
Tampa,  FL 

Toronto,  ON 
Vancouver,  BC 
Washington,  DC 

How  To  Register: 

Visit  http  .//promo,  ape.  com  and 
enter  the  registration  code  below 
or  call  1  -888-289- APCC  x2483. 

Registration  Code: 

Can't  Attend  the  Breakfast? 
Attend  a  FREE  Web  Seminar.  For  full 
schedule  and  registration  information, 
visit:  http://promo.apc.com  and  enter 
the  registration  code  on  the  left. 

* Representative  savings  based  on  projected  power  infrastructure  build-out  costs  and  estimated  service  cost  per  unit.  Actual  savings  may  vary. 

©2002  American  Power  Conversion  Corporation.  All  Trademarks  are  the  property  of  their  owners.  PowerFax:  1800)  347-FAXX  •  E-mail:  esupportOapcc  com 


"APC  PowerStruXure  allowed  us  to 
buy  less  up  front  and  gives  us  the 
flexibility  of  easy  future  expansion . 
I  enjoy  the  fact  that  I  can  buy  only 
what  I  need  now  and 
add  to  it  later  only 
when  I  need  to. " 

Michael  Touchstone 

Manager  of  Energy 
Conservation, 

Cox  Communications 


Legendary  Reliability 


•  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA  •  PSX3A2EF-US 


SIGN-OFF 


Take  a  quick  whirl 
through  six  emerging 
technologies  working 
up  real  buzzes. 
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but  that  might  not  always  be  the  case.  Revenues  for 
North  American  3G  services  are  predicted  to 
increase  from  a  projected  $2.5  billion  in  2004  to 
almost  $6.7  billion  in  2006  as  businesses  and  con¬ 
sumers  adopt  en  masse,  says  the  UMTS  Forum,  an 
international  industry  association  that  promotes  a 
3G  technology  called  the  Universal  Mobile 
Telecommunications  System. 

Yet,  the  latest  scuttle  says  that  802.1 1  public  wire¬ 
less  LANs  could  cut  off  3G  at  the  knees.  Here’s  the 
argument:  802.1 1  chips  will  drop  in  price  to  a  cou¬ 
ple  of  dollars  each,  making  them  standard  fare  on 
most  laptops  and  many  consumer  devices.  By  2006, 
more  than  5  million  people  will  access  the  Internet 
regularly  via  nearly  42,000  publicly  available  wire¬ 
less  LANs  dotting  the  U.S.,IDC  predicts.  So,  who 
needs  3G? 

Wireless  service  providers,  which  are  spending  bil¬ 
lions  of  dollars  to  upgrade  their  networks  to  3G,want 
to  squash  this  line  of  thinking.  In  July,  a  UMTS  Forum 
report  concluded  that  3G  and  public-access  wireless 
LANs  will  complement,  not  compete.  Perhaps,  but  the 
decapitation  of  pay  phone  revenue  by  cell  phone 
use  teaches  that  one  technology  is  likely  to  domi- 
nate.The  forum’s  report,  not  surprisingly  says  3G 
would  dominate,  because  it  can  be  used  while  travel¬ 
ing  at  high  speeds,  among  other  reasons. 

Either  way,  you  and  your  road  warriors  will  win, 
as  wireless  becomes  just  another  IP  fabric  to  you. 

Grid  computing 

Grid  computing,  also  known  as  computational 
grids,  is  server  clustering  to  the  umpteenth  power.  It 
taps  into  unused  CPU  cycles  on  widely  distributed 
computers  and  coordinates  those  cycles  to  calcu¬ 
late  enormously  complex  problems.  For  instance, 
the  United  Devices  Cancer  Research  Project  uses  a 
computational  grid  to  process  molecular  research. 
Anyone  can  donate  CPU  cycles  to  the  project  by 
installing  freeware  onto  a  computer. 

But  grids  needn’t  be  a  hodge-podge  of  hosts. 

Some, such  as  the  optical  research  network  TeraGrid, 
are  created  among  designated  computers, similar  to 
how  a  company  might  construct  one. TeraGrid  links 
computers  at  the  National  Center  for 
Supercomputing  Applications,  Argonne  National 
Laboratory,  the  University  of  Illinois  at  Urbana- 
Champaign  and  Northwestern  University. 

Grid  computing,  like  the  Internet,  might  one  day 
be  part  of  the  average  company,  but  not  before  soft¬ 
ware  development  toolkits,  management  tools  and 
fault-tolerance  methods  are  mature  enough.  Efforts 
abound  on  this,  such  as  the  Globus  Project’s  open 
source  Globus  Toolkit  for  building  grids,  and  the  Grid 
Application  Development  Software  Project’s  applica¬ 
tion  development  environment. 

Commercial  vendors  include  Avaki;  Entropia;  and 
IBM,  Hewlett-Packard  and  Platform  Computing,  all  of 
which  sell  and  support  the  Globus  Toolkit.  ■ 


identity  management 

Of  course  you  want  to  protect  your  network  from 
hackers,  cyberterrorists  and  other  boogeymen.You 
want  to  know  who  is  logged  on,  regardless  of  loca¬ 
tion  or  type  of  client,  and  that  only  those  who  have 
a  right  to  use  them  can  access  resources.You  want 
identity  management.You  want  it  so  badly  that  mar¬ 
keters  are  busily  relabeling  an  impossibly  wide 
range  of  offerings  —  from  portal  authentication 
servers  to  log  reporting  applications  —  as  “identity 
management”  products. 

Yet  the  core  of  identity  management  is  tried-and- 
true  password  management  tools  coupled  with  new 
automated  account  management  software.This  lat¬ 
ter  “provisioning”  software  is  buzz,  too. 

Password  management  is  a  relatively  mature  set 
of  technologies,  typically  for  help  desks,  available 
from  vendors  such  as  Courion,  M-Tech  Mercury 
Information  Technology,  PentaSafe  Security 
Technologies  and  single-sign  on  vendors  such  as 
Oblix.  Provisioning  adds  a  workflow  engine,  middle¬ 
ware  and  features  for  automating  user  account 
management.  Most  password  management  vendors 
offer  products  for  some  form  of  provisioning,  such 
as  managing  IT  accounts  when  hiring,  moving  or  fir¬ 
ing  employees.  Other  vendors,  such  as  Business 
Layers  and  Waveset  Technologies,  offer  tools  for  larg- 
er-scale  provisioning  such  as  granting  access  to  IT 
resources  based  on  user  role.This  type  of  provision¬ 
ing  is  doable  today  and  much  closer  to  the  identity 
management  ideal,  but  tends  to  require  much  busi¬ 
ness  re-engineering  and  considerably  deep  pockets. 

Enterprise  content  delivery 

Graft  caching  and  intelligence  and  you  get  con¬ 
tent-delivery  network  switches,  the  root  of  an  enter¬ 
prise  CDN  (eCDN).  Companies  are  about  to  go  nuts 
for  eCDN,  analysts  predict.  IDC  tags  spending  at  $  1 .3 
billion  in  2006  for  CDN  equipment,  most  of  that  for 
switches,  up  from  less  than  $400  million  in  2001. 

An  evolution  of  simple  caching,  eCDNs  let  com¬ 
panies  intelligently  manage  what  data  is  cached, 
arid  where.  For  instance,  the  eCDN  could  enact  a 
rule-  to  cache  in  a  specific  location  any  data  that 
is  1 1  quested  repeatedly  by  the  same  region  over  a 
specified  time  frame.This  way  companies  can  cache 
■lot  only  Web  data  but  also  streaming  media  and, 
eventually,  e-mail  and  non-IP  legacy  applications, 
says  Lucinda  Borovick,  an  IDC  analyst. 

ECDN  vendors  include  Cisco,  Digital  Pipe,  F5 
Networks  and  Volera. 


IT  portfolio  management 

If  you  find  the  term  IT  portfolio  man¬ 
agement  confusing,  you’re  not  alone. 

Some  use  it  in  reference  to  an  ever-more- 
sophisticated  breed  of  asset  management  and 
capacity  planning  products.These  tools,  from  com¬ 
panies  such  as  Opnet  Technologies,  Clairvoyant  and 
NetScout  Systems,  are  meant  to  allow  accurate  fore¬ 
casts  of  what  equipment  you  must  buy  next  — 
often  down  to  the  brand  name.  Other  industry 
observers  say  IT  portfolio  management  means  a 
comprehensive  cost/benefit  view  of  all  things  IT  — 
hardware,  software,  services  and  worker  knowledge 
—  past,  present  and  planned. 

Additionally,  a  crop  of  IT  project  management 
tools  make  up  a  closely  related  buzz  term:  project 
portfolio  management. These  tools  help  users  run 
multiple  IT  projects  while  analyzing  the  bigger  pic¬ 
ture  of  overall  IT  spending  and  scheduling.This 
batch  includes  software  from  vendors  such  as 
Artemis  International,  ProSight  and  Pacific  Edge. 

What  all  these  definitions  have  in  common  is 
accountability  Whether  or  not  you  use  a  trendy  term 
like  IT  portfolio  management  for  your  resource  allo¬ 
cation  methods,  this  is  the  era  of  spending  account- 
abilityAnd  network  executives  must  be  equipped  to 
quantify,  and  defend,  resource  consumption. 


Honeypots  for  security 

If  crime  fighting  runs  in  your  blood,  then  honey- 
pots  could  be  for  you.  Honeypots  are  a  form  of  intru¬ 
sion  detection  that  tricks  hackers  much  like  a  law  en¬ 
forcement  sting  operation  draws  in  wrongdoers.The 
bad  guys  think  they  are  cracking  your  server  but  the 
honeypot  is  actually  feeding  them  false  information 
or  acting  as  a  decoy  server  intended  to  be  compro¬ 
mised.  In  some  cases,  honeypots  gather  information 
useful  for  tracking  down  your  attacker. 

Researchers  tend  to  use  honeynets,  an  extreme 
form  of  honeypot  in  which  an  entire  network  is  the 
lure,  to  discover  new  hacker  trends. 

Honeypots  will  become  a  crucial  tool  for  the  good 
guys  because  they  divert  all  types  of  attackers  and 
provide  an  understanding  of  hackers  and  their  tools, 
says  security  expert  Marcus  Ranum  in  the  foreword 
of  a  newly  published  book  on  honeypots. You  can 
find  honeypots  from  a  variety  of  vendors,  such  as 
Symantec,  which  recently  acquired  Recourse  Tech¬ 
nologies  and  its  ManHunt  honeypot,  and  ForeScout 
Technologies,  with  its  ActiveScout.  Or  you  can  down¬ 
load  one  of  the  original  honeypots,  Fred  Cohen’s 
Deception  Tool  Kit,  from  www.all.net. 


Public  wireless  nets 

When  Sprint  launched  a  nationwide,  3G  wireless 
network  in  August,  the  buzz  over  3G  grew  to  a 
scream.True,  3G  services  for  now  are  for  consumers, 
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know. 


Out  of  the  office  used  to  mean  being  out  of  touch.  Now  there's 
BlackBerry,™  the  wireless  enterprise  solution  that  keeps  your 
team  connected  to  people  and  information  while  on  the  go.  BlackBerry  is 
designed  specifically  for  the  enterprise,  with  impressive  ROI  potential.  With 
BlackBerry  Enterprise  Server  software,  IT  benefits  from  centralized  management 
and  control.  Mobile  users  stay  connected  and  productive.  For  those  in  the 
know,  BlackBerry  has  become  the  corporate  standard  for  wireless  connectivity. 

•Check  with  your  service  provider  for  availability.  c2002  Research  In  Motion  Limited  (RIM)  All  rights  reserved  BlackBerry  is  an  end-to-end  wireless 
solution  developed  by  RIM.  BlackBerry,  the  BlackBerry  logo,  the  'envelope  in  motion"  symbol,  RIM,  the  RIM  Wireless  Handheld  family  of  marks 
and  the  RIM  logo  are  trademarks  or  registered  trademarks  of  RIM  All  other  trademarks  are  the  properties  of  their  respective  owners. 


The  BlackBerry 
enterprise  solution  includes: 

>  advanced  wireless  handhelds  with  optional 
data  and  phone  services* 

>  software  that  integrates  seamlessly  with 
Microsoft®  Exchange  and  Lotus®  Domino’" 

>  a  powerful  platform  based  on  open  standards 

>  end-to-end  security  with  Triple  DES  encryption 


BLACKBERRY 


WWW. BLACKBERRY.  COM 


gt»€&«itmand  Power  Switching  for  your 
iefwork  Equipment...  from  Anywhere! 


Applications: 

Remote  Power  Management 
X  Servers 

X  Routers  Firewalls  DSU/CSU's 
X  Web  Cams 

Turn  On/Off  any  AC  or  -48VDC 
Powered  equipment  via  telnet, 
modem  or  local  terminal. 

Electronic  equipment  sometimes  "locks- 
up"  requiring  a  service  call  just  to  flip 
the  power  switch  to  do  a  simple  reboot. 
With  WTI  Remote  Power  Switches  you 
have  the  ability  to  perform  this  function 
from  anywhere  on  the  LAN/  WAN,  or  if 
the  network  is  down,  to  simply  dial-in 
from  a  modem  for  out-of-band  control. 

For  over  a  decade  WTI  has  been 
leading  the  way  in  Remote  Power 
Switching  technology  offering  more 
products  choices  for  small  or  large  scale 
remote  management  strategies. 

Our  switches  are  now  installed  in 
thousands  of  sites  world  wide.  Our 
customers  know  they  can  depend  on 
our  superior  quality  and  reliability  for 
their  most  mission-critical  operations. 

Yes,  we  are  customer  friendly! 

X  Two  year  warranty 
X  We  stock  for  same  day  shipment 
X  30  day  return  policy 
X  Start-up  cables  and  rack  ears  included 

Want  an  on-line  demo? 

Just  call  or  e-mail  and  you'll  see  for 
yourself  why  so  many  network 
professionals  choose  WTI. 


EIGHT  PLUG  -  DUAL  BUS 


©  Dual  15  Amp  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  User  plus  Admin  Security  Features 
©  115VAC  and  230 VAC  Models 


TWO  PLUGS  -  LOW  COST 


©  Two  Addressable  Plugs 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  115VAC  and  230VAC  Models 
©  Manual  on/off  Buttons 


HIGH  CURRENT  -  DUAL  BUS 


NPS-2HD 


©  Ideal  for  CISCO  6500/7500 
©  Dual  20  Amp,  115VAC  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 


DUAL  BUS  -48VDC 


©  Dual  -48VDC,  40  Amp  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  On/Off/Reboot  Switching 


CODE  ACTIVATED  - 
EXPANDABLE 


©  Single  10  Amp  Circuits 

©  Expandable  to  10  Individually 
Switched  Plugs 

©  RS232  Control  Port 


FIVE  CIRCUIT 
-48VDC  POWER  BAR 


RPB+DC30 


©  Five  Individually 
Switched  Circuits 

©  Switch  -48VDC,  12  Amps 
each  Circuit,  30  Amps  Total 

©  Also  Available  in  115VAC 
and  230VAC  Models 


www.wti.com 


(800)  854*7226 
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Keeping  the  Net.. .Working! 
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Finest  technical  practice  tests  in  the  industry 


All  Boton  Software,  Inc.  study  guides.  practice  tests,  and/or  materials  Is  not  sponsored  by.  endorsed  by  or  affiliated 
with  ISC2.  SANS,  Casco  Systems,  Inc..  ProSoft.  Inc.  Cher*  Point,  Inc.  C*bc,  Inc,  Microsoft,  trvc,  or  any  other  company. 
Boson.  Boson  Software,  Boson  Training,  Router  University.  RouterU,  Router  Emulator,  RouterEMU.  RoutarSim,  Krang. 
QuizWaro.  Network  Emulator  Network  Simulator,  boson  com,  Boson  Router  Simulator,  and  Router  Simulator,  arc 
Trademarks  or  Registered  Trademarks  of  Boson  Software.  Inc  in  the  United  States  and  certain  other  countries. 

At  other  trademarks  are  trademarks  of  their  respective  owners.  Copyright  2002  Boson  Software,  Inc 
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KVM  Access 
over  IP 
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KVM  Access 
Over 

Web  Browser 


If  having  remote  access  to 
your  servers  over  IP  means 
installing  proprietary  software 
or  PCI  cards,  that's  not 
convenient,  anywhere,  anytime 
access.  Introducing  the  new, 
multi-port  TeleReach®. 

TeleReach  is  the  easiest,  most 
secure  way  for  one  or  more 
users  to  remotely  access  and 
manage  multiple  servers 
through  a  KVM  switch,  from 
any  PC  running  the  Internet 
Explorer®  4.0  browser. 

To  see  and  feel  the  power  of 
remote  KVM  access  over  Web 
browser,  call  Raritan  Sales  at 
(800)  724-8090  to  sign  up 
for  a  I  ive  demo  from  your 
own  desktop. 
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Raritan 


V 


X 


www.raritan.com 

_  \ 

800-724-8090 

/j/  /7  \  >  732-764-8888 
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Intelligent  KVM  Switch  Technology 
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Raritan  and  TeieReach  are  registered  trfddfnarks  of  Rantan  Computer,  tnc.  MwroedH  Internet  Explorer  is  a  regts»-  ed  trademark  o «  :  v»  M-.r  ,'rfi  C« 
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that  works 


Campus  Mesh 
Point-to-multipoint 
Building-to-building 
Backbone 


WIRELESS  NETWORKING 

www.  wa  vewireless.  com 


800-721  -WAVE  (9283)  •  941-907-2300  •  FAX  941  -355-0219 


*  ' -onnects  to  standalone  computers  or  any  KVM  switch 
k  -ah  quality  16-bit  video  at  up  to  1280x1024  resolution 

*■  r-asy  to  install,  give  it  an  IP  address  and  run  the  Viewer 
gram,  no  user  license  required 

**  L  ‘  ‘d  communication  produces  highly  secure  operation 
g,  -n-j  scrolling  features  for  maximum  flexibility 

■  Sin-  !OUf.-*  cursor  simplifies  user  interface 

■  Sc-t  ■  ,.ir  sn-vr  from  one  screen  with  quad  screen  mode 

■  Lifetime  free  flash  upgrades 


UltraLink  sets  a  new  standard  in  remote  management  of  server  room 
environments.  It  saves  you  money  by  allowing  you  to  centralize  your  IT 
resources.  Since  it  does  not  depend  upon  software  loaded  on  your 
computers,  it  deploys  easily  and  works  on  any  operating  system,  such 
as  Windows,  Linux,  Solaris,  Unix,  or  OSX. 


The  UltraLink  digitizes  the  remote  computer's  video.  It  then  scales, 
compresses,  encrypts,  and  packetizes  it  into  the  TCP/IP  protocol.  At 
your  PC  the  free  Viewer  application  receives  and  displays  the  video  and 
sends  back  keyboard  and  mouse  data.  This  process  allow  you  to  access 
remote  computers  from  anywhere. 


Rose  is  a  leading  manufacturer  of  switching,  extension,  and  access 
products.  As  a  KVM  industry  pioneer,  Rose  is  known  for  its  technically 
superior  and  price  competitive  products. 


Join  the  ranks  of  many  successful  companies  using  UltraLink,  call  Rose 
to  learn  more  about  KVM  Access  over  IP  as  well  as  KVM  Switches  and 
Extenders. 


USA  toll  free  800  333  9343 
ROSE  US  281  933  7673 
ROSE  Europe  +44  (0)  1264  850574 
ROSE  Asia  +617  3427  5353 


WWW.ROSE.COM 


Rose  Electronics 
10707  Stancliff  Road 
Houston,  TX  77099 


ELECTRONICS 


CONTROL  KEYBOARD,  VIDEO  AND  MOUSE  REGARDLESS  OF  LOCATION 
With  the  Kaveman  networking  device,  you  can  remotely  control  servers,  either  over 
the  Internet  or  a  local  network,  down  to  the  BIOS  level. 


ACCESS  SERVERS  USING  A  WEB  BROWSER  OR  VNC 

All  you  need  to  operate  Kaveman  is  a  web  browser  or  VNC  on  the  remote  client.  No 
additional  software  is  required.  And  no  software/users  licenses  help  keep  your  costs 
down. 


&  1/  e  m  a  n 

COMPLETE  KVM  CONTROL  VIA  TCP/IP 


REMOTB.Y  CONTROL  POWER 

Through  the  user-friendly  Kaveman  GUI,  you  can  control  the  power  of  up  to  eight 
devices. 


^  -  llllllll 


AUTOMATICALLY  MONITOR  SERVER  ACTIVITY 

Kaveman  automatically  monitors  critical  server  vitals  such  as  power,  video,  and 
keyboard  response;  it  alerts  you  to  crashes  and  enables  you  to  quickly  respond  to 
problems. 


Remote  Client 


K  s  i/«  m  s  n 


Servers 


Dl 


The  Engine  of  Innovation 


Available  in  single  and  eight  channel  versions 


www.digitalv6.com 


Resellers  and  Distributors  Welcome 
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The  Hub  of  the  Network  Buy 


There  is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


Expert 
Observer 
* 2895 


Observer 
Suite 
$ 3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 
Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1959  569880  •  Fax  +44  (0)  1959  569881 
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-1000 


Firewall  Appliance 


New  kid  on  the  block? 

Hardly*.. 

The  GB-1000  Firewall/VPN  appliance  is  powered 
by  the  GNAT  Box  System  software  -  the  original, 
small  footprint,  high  performance  firewall  system  first 
introduced  in  1996.  The  GB-1000  is  deployed 
worldwide  by  organizations  that  desire  rock-solid 
operation  and  the  best  price/performance  ratio  on  the 
market  today. 

The  GB-1000  has  many  standard  features  including 
IPScc  VPN,  DNS  server,  failover  routing  and  DHCP 
semces'.-Qptional  features  such  as  high  availability  and 
24x7  support  are  also  available. 

jBBwEmgsfe.'  (»c. 

Vlmpiuc  VeB  site,  email  or  call  for  * 

a 


Years:  10 

GTA  has  10  years  experience  in  developing  quality  software.  Sincel994,  GTAhas  been 
producing  solid,  dependable,  ICS  A  certified  firewalls,  with  a  powerful  feature  set  at  an 
affordable  price. 

NICs:  4+ 

The  GB-1000  standard  configuration  includes  4  built-in  10/100  NICs.  Expansion 
options  allow  the  addition  of  up  to  4  more  NICs,  including  Gigabit.  Each  NIC  is  fully 
addressable,  allowing  flexible  configuration. 

Users:  00 

The  GB-1000  has  an  unlimited  user  license  and  supports  128,000  concurrent 
connections.  Our  powerful  dynamic  network  address  translation  technology  and 
stateful  packet  inspection  engine  provide  all  users  with  transparent  Internet  access  and 
proven  network  security. 


Global  Technology  Associates,  Inc. 

1-800-775-4GTA*  www.gta.com  •  info@gta.com 


CERTIFIED 
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NEW  i 
UNIVERSAL 


"Serial 


Dial  access  at  its  best! 


Adapters  available  in 


yvww.equinox.com 
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an  Avocent  Company 


MM 


One  Equinox  Way,  Sunrise  FL  33351  In  the  U.S.  call:  800-275-3500  or  email:  sales@equinox.com,  for  international  sales  call:  +1  -954-746-9000  or  email:  intlsales@equinox.com 

O  July  2002  Equinox  Systems,  an  Avocent  Company.  All  rights  reserved.  All  brand  names  and  product  names  are  trademarks  or  registered  trademarks  of  their  respective  holders. 


Serial  Connectivity  Solutions 


Het^based  .Connectivity 


Relialil  e  ia  n  d  iCostgeff  ect  i  veiSerjal 


($ Cables 


Complete  Fiber  Optic 

Jumper  Cable  Solutions 

(lowest  Price  Guaranteed i 
@ast  Turn  Around 

Same  Day  Shipping  -  Standard  items 
As  fast  as  48  hrs  -  Custom  Cables  ** 

(Custom  Configurations 

Any  Way  you  want ... 

SC.  ST,  LC,  MU,  and  MTRJ 
Multimode  and  Singlemode 
Duplex  and  Simplex 

Quality  Assured 

Each  Jumper  individually  tested 
Test  results  included 

0  year  Warranty 

Be  Confident  with  our  Jumpers 

O 5.00  Off  Online  Orders 

With  Coupon  NW72202 

Offer  good  on  Web  orders  only.  Offer  expires  11/30/02. 


See  Web  site  for  details 

•  Lead  times  may  vary  depending  on  product  and  quantity 


Ph:  (800)555-7176  WWW.gOCables.com  Fax:  (562)356-3200 


AppDancer  /  FA 

Network  Flow  Analyzer 

•  An  Easy-To-Use  Network  Viewing  Tool 

•  Email  •  Database  »VoIP  »Web 

•  Identifies  Problems  Causing  Slow  Downs 

•  Monitors  Applications,  Network  Devices, 
and  Network  Traffic 

•  Affordable  ^  *  1 1  klkl  T 


Free  Download! 

www.  App  Dancer,  com 


BEST  OF  INTEROP 

NETW^RLDUNTEROP 


o 


CMP  mUlfftEI  EETlMES 


Call  Toll  Free 
800.82S.7563 


Dancer 


r  k  s 


AppDancer  Networks,  tm 

1000  Holcomb  Woods  Parkway 
Suite  426 

Roswell,  GA  30076-2585  US- 

email  info@AppDancer.com 

telephone  77 0.643.6800  USA 
web  www.AppDancer.com 


|  |  |  |  A  V  j 

Q&pu&r 

Call  1-866-TRY-GLCC  op  visit  us  at 


ureat 


Corporate  Headquarters: 

P.O.Box  551,  Edinboro,  PA  16412 
Western  Distribution: 

3875  Corsair  St.,  Suite  “0” 

Reno,  NV  89502 
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Knowledge  is  Power 


ADVANCED 

NETWORK 

FORENSICS 

ANALYSIS 


#  Patent  Pending  SSH2  Decryption 
®  Catches  Header  and  Port  Spoofing 
$  Reassembles  Packets  into  Streams 

#  Guaranteed  Invisible  on  the  Network 

#  View  Email,  Web  Pages,  and  File  Contents 

#  Finds  and  Reports  Cleartext  Passwords 
®  Full-Content  Inspection  &  Analysis 

#  Filters  or  Records  All  Your  Traffic 

#  Drill  Down  through  Connections 

#  Secure  Remote  Administration 


Sandstorm 

Enterprises" 


Netlntereept 

Knowledge  is  Power 


Tools  with 
sharp  edges? 


For  a  Free  Whitepaper  or  Demo 
VISIT  www.netintercept.com 


Copyright  ©  2002  Sandstorm  Enterprises,  Inc.  All  Rights  Reserved. 
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SENSAPHONE® 

IMS- 


Internal 

UPS 


Microphone 

for  Sound 
Monitoring 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 


8  RJ-45  Sensor  Inputs 

( Temperature ,  Humidity, 
Woter,  Motion,  Power, 
Smoke/fire) 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Power 

Control 

Interface 


Ethernet 

Port 


Internal  Voice, 
Modem 
6t  Pager  Port 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


How  do  you  reboot  l6 

equipment  units... 


using  Zero  U 

of  rack  space? 


9  Sentry  POWER  TOWER  :  Your  Zero  U  Reboot  Solution 


16  remotely  addressable  power  outlets  — 
The  highest  density  available  of  any 
Remote  Power  Management  vertical  strip. 
30-amp  power  Input  feed  distributed 
across  16  outlets. 

Mounts  vertically  In  your  equipment  rack  or 
cabinet  and  requires  Zero  U  of  rack  space. 
Load  Sense  provides  real-time  current 
monitoring  in  the  remote  screen  Interface 
and  through  a  built-in  LED  display  for  on¬ 
site  measurement. 

Power-up  sequencing  of  all  16  outlets 
prevents  en  In-rush  current  overtoad. 
Telnet,  SNMP,  Modem  or  RS-232  interfaces  for  easy, 
practical  and  secure  power  management  of  remote 
Internetworking  equipment 


Install  the  new  Sentry  Power  Tower  In 
your  data  center,  N0C  or  co-to  facility 
and  gain  the  advantage  of  remotely 
rebooting  up  to  16  of  your  equipment 
units  -  without  occupying  any  space  in 
your  rack  or  enclosed  cabinet 


,  Try  the  New  Sentry  Power  Tower  In  your 
rack  or  cabinet  and  realize  the  I 


■*  of  Intelligent  Power  Distribution  and 
»  Remote  Power  Management 

See  our  complete  product  line  at  wimuerveftech.com 
or  call  800835.1515  or  775^84^000 


Another  great  product  tmm 

Server  Technology,  Inc. 


•  Low  cost  complete  RMON  monitoring  for  remote  sites  or 
segments. 

•  Software-only,  non-dedicated  data  collection. 

•  Pure,  full  RMON  1  and  2  support.  Complete  implementation  of 
both  RMON  1  and  2  for  Ethernet  (10/100)  and  Token  Ring  (4/16). 
Full  adherence  to  RFCs  1513,  1757,  2021  and  2074. 

•  Runs  as  a  service  on  Windows  NT/2000/XP. 

•  Works  with  ANY  RMON  management  console  or  collection  facility 
(Observer  \  OpenView  ,  Concord K,  NetScout etc.). 

•  Compatible  with  Network  Instruments'  optimized  ErrorTrack ™  NDIS 
drivers  display  true  errors-by-station. 

•  Multiple  concurrent  network  interface  monitoring  (up  to  10). 


Why  pay  thousands  more  for  the  same  data? 

Call  800-526-7919  for  information,  or  see  our  web  site  at: 


www.networkinstruments.com 

©  2001  Network  Instruments.  LLC  -  Corporate  Headquarters  (952)  932-9899  FAX  (952)  932-9545 
UK  and  Europe  +44  (0)  1959  569880  FAX  +44  (0)  1959  569881  info@networkinstruments.com  www.networkinstruments.com 
Network  Instruments  and  the  “N"  logo  are  registered  trademarks  of  Network  Instruments.  LLC  Minneapolis,  MN  USA 


Complete,  Industry  Standard,  Software-Based  RM0N2  and 
RM0N1  Probe  for  Windows  98/Me/NT/2000/XP 


Network  Instruments  RMON  Probe 


E*e  Qptions  Help 


NETWOR 
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Interface:  I 


OBSERVER 


Cisco 

Routers 

Switches 

Hubs 

Voice  Over  IP 

Memory 

Security 

Interface  Modules 
Port  Adapters 
Wireless 


World  Data  Products  introduces  its  new  Cisco 
Router  and  Switch  poster.  It  provides  at-a-glance 
information  on  model  capacities,  interface  cards 
and  available  features. 

The  Cisco  Poster  is  a 
valuable  tool  for 
network  planning. 

Call  877.231.2451  or 
visit  www.wdpi.com 
to  request  your 
FREE  Cisco  Router 
and  Switch  poster. 


Buy  •  Sell  •  Lease  •  Repair  •  New  •  Refurbished  •  Used 

www.wdpi.com  •  877.231.2451  •  cisco@wdpi.com 

121  Cheshire  Lane,  Minnetonka,  MN  55305  U.S.A. 


Instantly  Search  Gigabytes  of  Text 


dtSearch 


® 


The  Smart  Choice  for 
Text  Retrieval®  since  1991 


"Superb  ...  a  multitude  of  high-end  features"  —  PC  Magazine 

"A  powerful  text  mining  engine  ...  effective  because  of 
the  level  of  intelligence  it  displays"  —  PC  Al 

"Very  powerful  ...  a  staggering  number  of  ways 
to  search"  —  Windows  Magazine 

"Impressive"  —  PC  Magazine  Online 

"A  tremendously  powerful  and  capable 
text  search  engine" —  Visual  Developer 

"Intuitive  and  austere  ...  a 
superb  search  tool"  —  PC  World 


Fast,  precision  searching 

♦  over  two  dozen  text  search 
options 

♦  indexed,  unindexed,  fielded 
and  full-text  searching 

Organization-wide  reach 

♦  highlights  hits  in  HTML  and  PDF 
while  keeping  embedded  links 
and  images  intact 

♦  converts  other  file  types  —  word 
processor,  database,  spreadsheet, 
email,  ZIP,  XML,  Unicode,  etc.  — 
to  HTML  for  display  with 
highlighted  hits 

1 -800-IT-FINDS 
www.  dtsearch.  com 

sales@dtsearch.com 


Spider  and  search 
Web  sites  *  included 
with  all  products 


Network 

Search  the  many 
forms  of  data  that 
exist  across  a  large 
enterprise  network 

♦  from  $800 


Publish  a  searchable 
database  to  CD.  DVD 

♦  from  $ 2,500 


Add  power 
searching  to 
a  product 

♦  extensive 
sample  source 
code  in  multiple 
programming 
languages 

♦  from  $999 


Web 


Add  instant 
searching  to  your 
site  ♦  $999  per  server 


Stop  by  www.dtseaixh.com 
for  30-day  evaluation  versions 


Contact  these  companies  today  to  help  you  with  your  training  needs! 


Learnkey  Inc.  ^ 

(800)  865-0165 
www.leamkey.com 
Self-paced  online  CD  network 
certification  developer  bus/apps 


Boson  Training  ^ 

(813)  925-0700 
www.bosontraining.com 
CCIE,  CCNP,  CSS1,  CCNA,  Cisco, 
wireless,  CISSP 


PMG  NetAnalyst 

(800)  645-8486 
www.NetworkTraining.com 
Network  Forensic  Analysis  and 
Security  Training  and  Services 


TechEd  Services 

(407)  243-6494 
www.techedsvcs.com 
Customized  onsite  training  for 
Microsoft,  Cisco,  Network  Associates 


IPexpert,  Inc. 

(866)  225-8064 
www.ipexpert.net 
CCIE,  CCNP,  CSS1,  CCNA,  Cisco, 
wireless,  CISSP 


To  Place  Your  Listing  Here 
Call  Enku  Gubaie  at 
(800)  622-1108^ 


NetSmart  Learning  Partm 


WKMN  Training 

1 

George  Washington  Univ 

(415)  586-1713 

1 

(202)  973-1175 

www.wkmn.com 

i 

www.cpd.gwu.edu 

Comprehensive  introduction  to 

Oracle  MCSE  Network  Security 

wireless  networking. 

UNIX/LINUX  I-Net  VB.Net  XML 

tPlace 


www.optimumdata.com 


1 20  Day  Walrranty 

Paradyne  •  ADTRAN  •  ExtremS  Networks 


Sett  or  Annothice 


Network  Products 
&  Services  with 
Network  World’s  Marketplace 
Call  8O8-62MI08  ext.  6SL07 


NORTEL  NETWORKS 


Bay  Networks 

V  / 


Why  Are  We  The  Best? 


•  Nortel  Service  Contracts  •  Free  Technical  Support 

•  Nortel  Service  Renewals  •  Next-Day  Hardware 

Replacement 

Good  As  New  Gear, 

Same  as  New  Warranty 
-  at  Better  Than  New  Prices 

Refurbished  Specials: 

ASN/2-J2mb  Refurbished  Advanced  Stack  Node  Bundle 

Ini  Me-,  AF0002E1S— 32mb  Redundant  Base  Unit 
lx  34000  Dual  Ethernet,  lx  AF2UI005  Quad  Sync 
lx  AAOOII004  Fast  Packet  Cache,  lx  W2104013  128  bit  Compression  Module 

Special  $2,995 

BayStack  3S01-H0  (AL2012E10)  24  Port  10/100  switch 

Refurbished  Grades  may  vary  "A"  Grade  sale  price  $350.00 

One  Year  Warranty 

As  Low  As  $150 

BayStack  450-24T  (A12012E14)  24  Port  10/100  Stackable 

Special  $895 

Backbone  Router  Special-AC  1004005 

Reterb  kit  indudes  Dual  10081  with  the  Fast  fRE2-060-64mb 

Special  $3,249 

Don'  w  :f  used?  Try  our  low  prices  on  new!  Call  Today! 

it.  V  *«.  Free  Quote! 

833-8LANWAN 

•3SB  852-6926)  ~ - 

*,0'  1  IAN  Exchange  •  www.nle.com 


The  Hub  of  the  Network  Buy 


Systems/Features/Memory 

cnstco 

equiSment 


Also  Available:  Wellfleet,  Bay,  Fore, 
Xylogics,  Livingston,  &  Ascend 

In  Stock  •  Fast  Delivery  •  /Vo  expedite  Charges 


COMSTAR,  INC. 

The  #•)  Network  Remarketer 

952*835*5502 

Fax  952*8350927  E-Mailsales@comstarinc.com 


mm 

!  CISCO 

New  &  Used  ■ 

Fully  Guaranteed  s.  ha*.  e,p.So.  ■■■■■ 

800.451.3407 

90  Castilian  Drive.  Suite  110.  Santa  Barbara.  CA  93117 

Routers 
Switches 
Interface  Modules 
Access  Servers 
Accessories 

fi/’  View  Cart  v:./  Clear  Cart 


FACTORY  DIRECT 
FIBER  OPTIC  PRODUCTS 


Jumpers,  Pigtails,  Termination  Boxes, 
Preconnectorized  Backbone  Cable, 
Mode  Conditioning  Cables, 
Ethernet  Converters  and  Switches, 
CATS  Products,  Photonic  Devices 

www.fiberdyne.com 

A  FIBERDYNE  LABS,  INC. 

l-(800)  894-9694 
(315)  895-8470 
Fax  (315)  895-8436 


NEW-USED 
WE  BUY-WE  SELL 


www.networkhardware.com 

BUY  ONLINE 


NETWORK  HARDWARE  RESALE  I 


.0t,S'COB  Air 


technologies,  inc 


WWW.RECURRENT.COM  INFaWRECURRENT.CDM 


U  LJ  1 T  Li 

[mi 

if 

caBieTRon 


systems 


Cisco  Stsums 


LEGACY/DISCONTINUED 
PRODUCTS  SPECIALISTS 
OUR  20TH  YEAR! 
ERGONOMIC  ENTERPRISES,  Inc 
47  WERMAN  CT. 
PLAINVIEW  NY  11803 
1-877-4LAN-WAN  (452-6926) 
Int'l:  001-516-293-5200 
fx  516-293-5325 
www.4lanwan.com 

rich@4lanwan.com 


iruMi 

See  the  entire  Generation 
3.0  collection  at: 

BRETTS 

Luggage.  Leather  gixxLs.  Gifts 
Pens.  Clocks.  Lighten.  Games 

www.suitcase.com 


Smartronix  _ 

3 


PDA  Based! 


Network 
Test  Tool 

. .  * 699 

10/100  Ethernet  LAN  Tester 


Design  Engineers: 

Evaluate  &  test  new 
equipment  under 
development 
Network  Engineers: 

Determine  faulty 
NIC  cards,  wiring,  Ck 
network  equipment 


(FREE  Palm  ml05 
included) 


►  Displays  network  utilization,  packets 
&  statistics 

►  Captures  &  generates  various  error 
packets 

►  Network  load  testing  function 

►  Full  auto  negotiation  &  DHCP  ready 


Toll  Free  1-866-442-7767 
www.smartronix.com/products 


Average  Order  Ass 


10  Minutes 


Give  as  a  break,  it’s  a  26,000  sq.  ft.  warehouse. 


We  sell,  buy.  and  lease  the  best  new  and  refurbished  networking 
equipment  and  systems  at  the  lowest  prices  anywhere. 

Isn't  it  about  time  you  made  the  smart  choice? 

Trust  the  Experts-  We  Specialize  In...  _ 

Cisci  Dikiis 
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|  Authorized  COMPAQ. 
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You  can 
find  a 
better 

JOB 

with  one 
hand  tied 
behind 
your  back. 


Just  point  your 
mouse  to  the 
world’s  best 
IT  careers  site. 

Brought  to 
you  by 

Computerworld, 
Info  World  and 
Network  World. 

Find  out  more. 

Call  your 
ITcareers  Sales 
Representative 
or  Janis  Crowley, 
1-800-762-2977 


Ma 


Where  the  best 
get  better 


Software  Developer  to  develop 
software  usng  ASP,  VB,  XML. 
XSL,  JavaScript,  VBScript, 
PERL  CGI,  C,  C++,  Java.  MS 
SQL  Server  ,  Oracle  and  PL- 
SQL,  Design  and  develop 
VB-ASP  classess.  Database 
design  and  develop  stored  procs 
&  triggers-  Prepare  functional 
specs,  code  test  and  debug. 
Understand  customer  req;  product 
support  &  assist.  BS  in  Comp  Sci 
or  equiv.  2+  yrs  exp.  +  expertise 
in  applicn.  software  using  OOAD 
&  E-Commerce  tech,  on  MS 
paltform.  Competitive  salary. 
Apply  to  PSC,  320  Wyehwood 
Court,  Alpharetta,  GA  30022 
with  prrof  of  work  authorization. 


PROGRAMMER  ANALYSTS 
AND  SYSTEMS  ANALYSTS 
(multiple  positions)  sought  by 
Edison,  NJ-based  S/ware  Con¬ 
sultancy  firm.  Must  have  Bach  or 
equiv  in  Comp  Sci  or  engg  &  1  yr 
s/ware  exp.  Respond  to:  HR 
Dept.,  AK  Systems,  Inc,  100 
Metroplex  Drive,  Suite  303, 
Edison,  NJ  08817. 


Jr.  Computer  Programmer.  Assist 
in  Developing  S/W  including 
modifications,  workflow,  analysis 
&  testing  on  windows  NT  using 
ASP,  VS,  javascript  SQL,  C  &  C++. 
Req:Bachelors  in  Computer 
Science  or  Computer  Engg., 
40  Hr/Wk,  Interview  Site: 
Patheo  Inc., 5455  Garden  Grove 
Blvd.  #425,  Westminister,  CA 
92683,  Send  Resume  to: 
resumes  @  patheo.com 


Internet  Marketing  Coordinator  - 
Photo  finishing  &  printing  service 
seeks  indiv  to  design  &  develop 
the  marketing  strategies  for  the 
Internet  platform.  Req'd:  Bache¬ 
lor's  Degree  in  Com.  Science,  2 
yrs  of  exp  in  job  offered  or  2  yrs 
exp.  as  a  Mrkting  Mgr  related 
position  with  Internet  Marketing 
exp,  must  have  knowl/exp  in 
Photoshop,  Flash,  Java  &  Oracle 
Database.  RSVP  to  Attn:  Mr.  Pi, 
Photo  Experts,  Inc.  57-08  39th 
Avenue,  Woodside,  NY  1 1 377 


Software  Engineer.  Design  web 
based  computer  technology  and 
software  with  the  use  of  JAVA, 
OF3ACLE  and  MS  SQL  server  on 
Windows  and  SUN  Solaris. 
Req:Bachelors  in  Computer 
Science  or  Computer  Engineering. 
40  hr/wk.  Job/Interview  Site:  Los 
Angeles,  CA.  Send  resume  to 
Reunion.com,  1 2200  W  Olympic 
Blvd.  Suite  270  Los  Angeles,  CA 
90064-1020 


Better 

address? 


Better 

compensation? 


Better 


Better  get 
in  here. 

S^careerelcom 


where  the  best 
gel  better 
1-800  762  2977 


Senior  Programmer  Analyst 
sought  by  NYC-based  banking 
corp.  to  perform  internal  busi¬ 
ness  reporting  requirements  and 
specifications;  and  to  design, 
code,  test,  debug,  document  and 
implement  management  and 
operational  reporting  projects 
using  Oracle  Financial  Services 
Applications,  Oracle  Financial 
Analyzer,  Oracle  Express,  Oracle 
Discoverer,  PL/SQL  and  Oracle 
Forms  and  Reports.  Should 
have  BS  in  Comp  Science/Engg 
or  equivalent  with  3  yrs  of  exp  in 
duties  listed  above.  Respond  to: 
HR  Dept,  Sumitomo  Mitsui 
Banking  Corporation,  277  Park 
Avenue,  6th  Floor,  New  York,  NY 
10172. 


Systems  Administrator  to  main¬ 
tain  on  board  computer  systems 
such  as  FIDELIO,  Pronto  Inter¬ 
active  TV,  RED-M  Internet  wireless 
systems.  Full  time  position  M-F, 
located  in  Miami,  offers  good 
salary.  Applicants  with  Bachelor's 
degree  in  Comp.  Engg  and 
2  years  exp.  in  the  job  send 
resumes  only  to:  Alice  Brennan, 
Mgr.  H.R.  Residen  Sea  Resorts 
Ltd.  5200  Blue  Lagoon  Drive 
#790.  Miami  Florida  33126. 

Several  computer  related 
positions  available  for  large 
medical  products  distribution 
company.  Degree,  technical 
skills  &  experience  vary  per 
positions.  Send  resume  to 
Ann  Christante,  PSS  World 
Medical,  Inc.,  4345  South- 
point  Blvd.,  Jacksonville,  FL 
32246. 

Call  your 
ITcareers  Sales 
Representative 
or  Janis  Crowley. 

1-800-762-2977 


Tech  Project  Manager  wanted 
by  Research  Consulting  &  Info 
Services  Co  in  MA.  Plan  &  im¬ 
plement  tech  &  network  support 
systs;  oversee  implementation 
of  new  software  &  tech  systs; 
create  doc  of  tech  systs;  respon¬ 
sible  for  Goldmine  Software  & 
Database.  MA  in  Bus  Admin  or 
Info  Mngmnt  &  6  mos  exp  in  job 
offered  req.  Respond  to:  VP 
/Mngmnt  Ventures,  20  University 
Rd,  Cambridge,  MA  02138. 


Software  Engineer-  (Murray  Hill. 
NJ)  Develop  &  implement 
production  application  systems 
according  to  user  needs  & 
schedule/cost  limitations.  Integrate 
multiple  platform  solutions  & 
implement  client/server  &  web 
development  projects  to  improve 
workflow.Req’d:  Bach.  Deg.  in 
Comp.Science,  Comp.  Mgmt,  or 
related  discipline,  5  yrs  exp.  in 
the  job  offered  or  as  a  Software 
Developer  or  Systems  Analyst  & 
exp.  with  UNIX  &  ORACLE 
loader  and  import/export  utilities. 
Send  resume  to:  The  BOC 
Group,  Inc.,  575  Mountain 
Avenue,  Murray  Hill,  NJ  07974. 
Job  Code:  SE/DH 


Programmer;  Works  under  the 
supervision  of  Sr.  programmers 
to  convert  project  specs  to  create 
/modify  computer  programs; 
develop  programs  to  manipulate 
data  using  AWK/C/Basic;  develop 
test  procedure^software;  increase 
program  operating  efficiency; 
document  program  development. 
Req:  Bach  in  Comp  Sci  rel/equiv 
and  1  yr  exp  or  3  years  work  exp 
may  be  substituted  for  req  of 
Bach  &  1  yr  exp.  Resume:  HR, 
The  USA  Bouquet  Company, 
1500  NW  95th  Ave,  Miami,  FL 
33172. 


SENIOR  SOFTWARE  ENGI¬ 
NEER  to  design,  develop,  analyze, 
test,  implement  and  maintain 
system  software  products  for 
e-business  infrastructure  using 
object  oriented  design  and 
methodologies  on  UNIX  and 
Windows  environment  with  C++ 
and  Java;  design  client/server 
systems  with  multi-threading, 
networking,  inter-process  com¬ 
munications  and  memory  man¬ 
agement.  Require:  M.S.  in  Com¬ 
puter  Science  and  one  year  of 
experience  in  the  job  offered  or 
any  experience  providing  skills  in 
described  duties.  Competitive 
salary  and  benefits.  40  hours 
/week,  9  am  to  5  pm,  M-F.  Apply 
with  resume  to:  Human  Re¬ 
sources  Coordinator,  Chutney 
Technologies,  Inc.,  3490  Piedmont 
Road,  Suite  1100,  Atlanta,  GA 
30305. 


SENIOR  LOTUS 
NOTES  DEVELOPER 
(SENIOR  ENGINEER) 

Develop,  implement,  create,  and 
test  workflow.  Track  applications 
in  a  Lotus  Notes/Domino  envi¬ 
ronment.  Perform  database 
design  and  web  development 
using  Lotus  Script,  Java  Script, 
ODBC,  OLE.  Develop  test  and 
debug  user  interfaces  for  the 
applications.  Must  have  a  Bach¬ 
elor's  Degree  in  Engineering, 
Computer  Science  or  related 
field.  Must  have  three  years 
of  experience  as  a  programmer 
or  analyst  in  Lotus  Notes 
environment.  Salary  and  benefits 
commensurate  with  experience. 
Send  resume  to:  Joseph  W. 
Pereira,  Senior  Human  Re¬ 
sources  Advisor,  Norwalk 
Hospital,  Maple  Street,  Norwalk, 
CT  06856 


Sr.  Software  Engineers  (2)- 

Design/develop/qualify/test/ 
support  large  scale  client-server 
prod,  in  Windows  NT/2000, 
translate  designs  to  software 
prod. using  Windows  NT/2000, 
Borland  Delphi/MS  SQL/  Para- 
dox/Word/Excel/Access/XML/C 
OM/DCOM.  Bachelor's  degree 
Computer  Sc.,  Engineerg  or 
related  field + 2  yrs  exp.  in  position, 
as  Software  Developer,  or 
as  Software  Eng.  req'd  Must 
be  proficient  in  Windows 
NT/2000/Delphi/MS 
SQL/COM/DCOM.  $71,887- 
$79, 1 1 8/yr,  40  hrs/wk,  OT  as 
need.  Ref:  VC. 

Software  Engineers  (3)- 

Develop/qualify/test/support 
large  scale  client-server  prod,  in 
Windows  NT/2000,  translate 
designs  to  software  prod,  using 
Windows  NT/2000,  Borland  Del¬ 
phi/MS  SQL/Paradox/Word/Ex- 
cel/Access/XML/COM/DCOM. 
Bachelor's  degree  Computer 
Sc.,  Engineerg  or  related  field 
req'd.  Must  be  proficient 
in  Windows  NT/2000/Delphi/ 
MS  SQL/COM/DCOM .  $55k- 
62.5K/yr,  40  hrs/wk,  OT  as  need. 
Ref:  LR 

Send  resume:  D.  Root,  HR 
Director,  Alogent,  4005  Windward 
Plaza,  Alpharetta,  GA  30005. 


SYSTEMS  DEVELOPER:  De¬ 
sign,  develop  &  implement  IT 
solutions  &  support  to  global 
SAP  R/3  systems  running  in  20+ 
locations.  Deliver  solutions  in 
SAP  R/3  &  related  SAP  systems. 
Troubleshoot  in  SAP  systems. 
BS  in  Comp  Sci,  Info  Systems 
or  related  field  plus  2  yrs  exp 
required.  Must  have  experience 
w/SAP  FV3  within  system  devel¬ 
opment,  ABAP/4  Reporting  Tools, 
SAP  Script,  User  Exit,  Inter¬ 
faces/Integrations  using  BDC's 
/LSMW,  BAPI's,  ALE/I  DOC 
technologies;  SAP  ITS  & 
related  SAP  3rd  party  tools. 
Pis  forward  resume  to: 
nzna-jobs@novozymes.com. 


SAP  Systems  Analyst: 

Requires:  Bachelor's  degree  in 
Econ,  Bus.  Admin  or  Info  Sys.;  2 
yrs'  exp.  in  job  offered  or  in  bus. 
info  sys  analysis/consulting;  & 
demonstrated  expertise  with 
ABAP,  SAP  &  SAP  modules 
FI/CO,  SD,  &  MM  &  SAPScript. 
Duties:  Develop,  implement  & 
maintain  complex  SAP  systems 
for  Pharma  sector.  Analyze  & 
configure  sophisticated  bus 
sys.  &  applications  &  interfaces. 
Design,  write,  test  &  debug  com¬ 
plex  computer  applications  using 
ABAP,  SAP,  SAPScript.  Configure 
bus.  applications,  modules  &  re¬ 
ports  in  SD,  MM,  &  FI/CO.  Re¬ 
sponsible  for  creating  ABAP 
interfaces  &  full  life  cycle  devel¬ 
opment  of  projects.  Perform  sys¬ 
tem  impact  analysis  for  federal  & 
state  regulatory  compliance. 
Prepare  system  specifications. 
Develop  documented  customiza¬ 
tion  in  SAP  environment  using 
ABAP  programming  language. 
Analyze,  design  &  modify  existing 
applications  in  SAP  system  to 
improve  performance.  $65,000 
/year.  8  am  -5  pm.,  M-F,  40hrs 
/wk.  EOE.  Send  2  resume 
w/copy  of  Ad  to:  Cobb/Cherokee, 
Job  Order  #GA7121584,  465 
Big  Shanty  Road,  Marietta,  GA 
30066-3303  or  nearest  Depart¬ 
ment  of  Labor  field  service  office. 


Chief  Computer  Programmer: 
Plan,  develop,  program,  test  & 
document  computer  programs 
using  structured  analysis;  ana¬ 
lyze  &  write  detailed  program 
specifications;  design  &  deploy 
systems  using  Sterling's  COOL: 
GEN,  Oracle  9iAS,  Oracle 
Designer  61,  &  Oracle  Developer 
6i.  Req.  BS  in  CS  or  related  or 
foreign  equiv  degree  plus  4  yr 
work  exp.  Hrs:  8a-5p,  M-F.  Send 
resume  to  Moorecroft  Systems 
202  Abbey  Ct„  Alpharetta,  GA 
30004  Ref  ST. 
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Kotiboy  is  a  premier  global 
/.systprjij  integrator  that 
provides  higrvquality,  high- 
vglue  solutions  to  the 
}  insurance,  banking,  credit 
card,  consumer  lending  and 
securities  industries.  We 
provide  a  complete  lifecycle 
of  services  including 
program  management, 
business  analysis, 
technology  planning,  ' 
architecture,  application 
development,  maintenance 
and  support.  Our 
Specialized  services  include 
business  intelligence, 
package  selection, 
customization  and 
implementation 

The  following  opportunities 
are  based  at  our  corporate 
headquarters  in  Chicago 
and  locations  nationwide. 
We  are  seeking  candidates 
with  technical  skills  in:  JAVA, 
J2EE,  OOAD,  WebSphere, 
XML,  COBOL,  CICS,  DB2, 
JCL,  and  VisionPlus 
expertise  in  an  MVS 
environment. 

•  Project  Managers 

•  Technical  Architects 

•  Project  Leads 

•  Programmer/ 

Analysts 

For  consideration,  forward 
response  to:  Kanbay,  Inc., 
6400  Shafer  Ct.,  Suite  100, 
Rosemont,  IL  6001 8.  Fax: 
847-318-0784.  Email: 
uscareers@kanbay.com. 
Please  reference  code 
CW0902  in  all 
correspondence.  Kanbay  is 
an  Affirmative  Action 
Employer/EOE 
organization. 


Kanbay 

www.kanbay.com 


Database  Analyst  wanted  in 
Houston,  TX.  Respond  to:  HR 
Dept.,  GNT  Int'l,  Inc.,  10333 
Harwin  Dr„  Ste.  297,  Houston, 
TX  77036. 


APPLICATION  SYSTEM  ANA¬ 
LYST/PROGRAMMER  wanted 
by  Petrochemical  engineering 
&  construction  co.  in  Houston, 
TX.  Must  have  degree  &  exp. 
Respond  by  resume  only  to:  Ms. 
Sharon  Balke,  Sr.  H  R.  Specialist. 
N/C  #10,  ABB  Lummus  Global. 
Inc.  3010  Briarpark,  Houston,  TX 
77042. 


Fox  Pro  Programmer 

LEE  Marketing  Services,  Inc.  a 
national  leader  in  direct  marketing 

has  positions  available  in  our 
Information  Systems  Department 
for  a  Programmer.  BS  Degree  or 
equivalent  plus  1  year  relevant 
work  experience.  Work  with  2 
of  the  following:  SQL  Server, 

Visual  FoxPro,  VB  &  Unix. 
Responsibilities  include  design, 
implement  and  support  software 
applications  utilizing  various 
marketing  software. 

Systems  Administrator  wanted 
by  Garments  Manufacturer 
in  Jersey  City,  NJ.  Must  have 
Associate  Degree  in  any  field 
and  5  yrs  exp.  Respond  to:  Seoul 
Suits  and  Coats,  Inc.,  1072 
Westside  Ave.,  Jersey  City,  NJ 
07306. 

Java  Developer/Software  Engi¬ 
neer  sought  by  telecommunica¬ 
tions  service  co  in  Cherry  Hill, 
NJ,  to  support  multiple  applica¬ 
tions  across  various  platforms 
involving  BEA  Weblogic,  Silver- 
Stream,  and  Oracle  9iAS  using 

JSP,  Servlets,  JDBC  and  EJB. 

Must  have  Bach,  in  Comp.  Sci., 
Engg.  or  equiv.  and  min.  ot  two 
years  relevant  exp.  Respond  to: 
HR  Dept.,  Zone  Telecom,  Inc., 

200  Lake  Drive  East,  Suite  200, 
Cherry  Hill,  NJ  08002. 

BUSINESS  SOFTWARE  ENGI¬ 
NEER  wanted  by  Architectural 
firm  in  Houston,  TX.  Must  have 
M.S.  in  MIS  or  Comp.  Sc.  plus 
exp.  Respond  by  resume  only  to: 
Mr.  C.C.  Lee  STOA  Golemon 
Bolullo  Architects  6213  Skyline 
Dr.,  Houston,  TX  77057. 

Distance  Learning  Facilitator. 
Design  &  maintain  tech  ops  for 
college  internet  courses  off'd  24 
hrs/day.  Provide  tech  support  & 
train’g.  Devel  s/ware,  DBs,  & 
systems.  Work  is  8-5  but  varies 
due  to  diff'g  time  zones  &  on-call 
assgnmnts.  Bachelor  degree  in 
CS  or  Eng'g  req’d,  as  is  2  yrs  exp 
in  job  offered  or  web-based  sys 
admin  position. 

Competitive  salary.  Will  accept 
masters  degree  in  req'd  field  in 
lieu  of  2  yrs  exp.  Resumes  to  Hal 
G.  Cross,  VP  for  Bus/Fin,  Job  # 
2329.02,  Baptist  Bible  College/ 
Seminary,  538  Venard  Road, 
Clarks  Summit,  PA  1 841 1 . 

Sr.  Consultant  to  write  proposals; 
presentations;  project  plan, 
mgmt.  &  implement;  customer 
service  &  business  devel.  Tech¬ 
nical  duties:  statistical  analyses 
and  modeling  using  SAS,  SPSS; 
develop  software  applications 
using  Oracle,  PL/SQL,  C  and 
C++  to  solve  customer  issues  & 
optimize  b/z  processes  for  mktg., 
sales,  inventory  control.  MS  or 
MBA  in  b/z  Admin.  +  2  yr.  exp. 
Salary  at  prevailing  wages.  Apply 
to  Milan,  1640  Powers  Ferry  Rd., 
Bldg.  21,  Marietta.  GA  30067 
with  proof  of  work  authz. 

Developer  wanted  by  Multi-Nat'l 

Mktg  Communications  Co  in 

Manh.  Perf  coding,  programming 

&  appl  dvlpmnt;  follow  &  imple¬ 
ment  tech  specs:  doc  &  catalog 

all  software.  BS  in  Comp  Sci, 

Electronics  or  Engr  &  2yrs  exp  in 

job  offered  req.  Respond  to: 

AAH/HR  Dept,  PO  Bx  4241, 

GCS,  NY  10163. 

Programmer  Analyst.  8a-5p.  40 
hrs/wk.  Analyze,  dsgn,  dvlp, 
prgm  &  implmt  bus  applies  using 
JCL,  CICS,  VSAM,  DB2,  COBOL- 

11  and  SCREEN-COBOL.  Edu¬ 
cational  reqmt:  Bach  or  equiv  in 
Electrical  or  Electronics  Engg. 
Comp  Sci/Engg,  Mgmt  Info 
Systms,  Bus  Admin  or  related 
field.  Exp  reqmt:  2  yrs  in  job  offd 
or  as  Systms  Analyst/Systms 
Executive  or  Prgmr.  Resume: 
Avalon  International,  Inc.,  3550 
Engg  Dr,  Ste  260,  Norcross,  GA 

30092. 

Securities  Clearing  firm  is  seek¬ 
ing  a  Senior  Systems  Architect 
to  maintain  software  for  commu¬ 
nications  within  the  company 
and  for  communication  with 
external  users.  Must  have  a 
Bachelor’s  degree  or  equivalent 
in  Computer  Science  or  a  related 
field  and  a  minimum  of  5  years 
of  experience  in  Mainframe  Pro¬ 
gramming  OR  a  Master's  degree 
or  equivalent  in  Computer 
Science  or  a  related  field  with  a 
minimum  of  3  years  of  experi¬ 
ence  in  Mainframe  Programming. 
Experience  must  also  include 
CICS.  MQ  Series,  Internals  and 
OS/390  architecture.  Fax  resumes 
to  HR  Dept.  DTCC  @  212-855- 
5802.  Refer  to  job  8565. 

Systems  Analyst-  CommVault 
Systems  Inc.  is  in  need  of  a 
Systems  Analyst  for  its  Oceanport, 
NJ  location.  Design  &  implement 
network  &  systems  architecture 
for  storage  mgmt.,  data  recovery, 
storage  area  networks,  &  security 
design.  Must  have  a  Bach.  Deg. 
in  Mgmt.  Info.  Systems,  Comp. 
Science,  Eng'g,  or  related  field, 
2yrs  exp.  in  the  job  offered  or 
in  a  network  admin,  occup.  & 
exp.  w/  TCP/IP,  SMS,  &  UNIX. 

EOE.  Resume  to:  thoffman© 

commvault.com 

Programmer/Analyst-Analyze, 
design,  program  &  implement 
various  computer  applications, 
Req.  Bachelors  in  Comp.  Sci., 
Technology,  MIS  or  Engg.  (any 
field)  +  1  yr.  exp.  Contact:  Inter¬ 
national  Systems  Technologies, 
Inc.,  1812  Front  Street,  Scotch 
Plains.  NJ  07076. 

Software  Developer.  Develops 
software  for  telecomm./business 
applic's;  determines  feasibility  of 
design  within  time/cost;  evaluates 
interfaces  between  hardware- 
software/performance  require¬ 
ments;  measures  design  out¬ 
come;  develops/directs  testing 
procedures,  programming/docu¬ 
mentation;  uses  T-SQL,  MS  SQL 
Server,  MS  Visual  Studio,  MS 
Visual  Basic,  COM/DCOM.  Req. 
Bach,  in  Comp.  Sci.  rel./equiv.  & 

2  yrs.  exp.  Resume  to  K.  Baker, 
Radiant  Telecom,  Inc.,  1020 
N.W.  163rd  Drive,  Miami,  FL 
33169. 

Manager,  3D  Appl.  Rsrch  Group, 
wanted  for  mfgr  of  computer 
components.  Req.  B.S.  In  E.E.  or 
related  scientific  discipline  plus 
8  yrs.  tech,  devlpmt/mgmt  exp.  in 
comp,  graphics  industry.  Reply  to 
K.B.,  H.R.  Dept.,  ATI  Research, 
Inc.  62  Forest  St.,  Marlboro  MA 
01752. 

Junior  Systems  Analyst.  Assist  in 

designing  and  installing  a  com¬ 
puter  system  for  inventory,  distri¬ 
bution  &  accounting  manage¬ 
ment  including  s/w  and  h/w 

integration.  Req:  Bachelors 

in  Computer  Sci.  40hr-wk.  Job / 

Interview  Site:  Chatsworth,  CA. 

Send  resume  to  Ganesh  Industrial 

Supply,  Inc.,  20621  Plummer  St., 

Chatsworth,  CA  91 31 1 

SYSTEMS  ANALYST  for  distrib¬ 
utor  to  South  America-Assist 

in  installation,  management, 
configuration,  maintenance, 
trouble-shooting  &  management 
training  of  local  network  for  both 
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Cranky  and  gloomy 


“I  think  you  ought  to  know  I’m 
feeling  very  depressed.” 

—  MARVINTHE  PARANOID  ANDROID  FROM  THE 
HITCHHIKER'S  GUIDE  TO  THE  GALAXY  BY  THE 
LATE  DOUGLAS  ADAMS 


I  have  a  cold.  Nothing  big,  just  a  dash  of  good  ol’ 
rhinovirus  (part  of  the  Picornaviridae  family  . . .  pico 
meaning  small  and  rna  signifying  that  these  are  sin¬ 
gle-stranded  positive  sense  rna  viruses  —  see 
www.nwfusion.com,  DocFinder:  2343). And  one 
thing  that  colds  tend  to  do  to  me  is  interrupt  my 
sleeping  pattern.  1  got  about  three  hours  last  night  — 
which  tends  to  make  me  cranky  and  gloomy 
Actually,  it  isn’t  just  the  cold  that’s  making  me 
gloomy  it  also  is  a  consequence  of  reading  the  draft 
report  “The  National  Strategy  to  Secure  Cyberspace” 
issued  last  Wednesday  by  President  Bush’s  Critical 
Infrastructure  Protection  Board.You  can  find  the 
report  at  DocFinder:  2344. 

<digression>Can  anyone  tell  me  why  the  report  is  a 
PDF  file?  Why  was  it  laid  out  in  landscape  format  so 
that  unless  you  have  one  of  those  rotating  monitors 
you  pretty  much  have  to  print  it  out  to  read  it?  Why 
not  publish  in  HTML?  Why  not  make  it  a  richly 
linked,  vibrant  evolving  document?  Why  keep  think¬ 
ing  in  terms  of  paper?  And  of  course  because  of 


paper  thinking  there’s  at  least  one  URL  (see  page 
two  of  the  report)  that  is  wrong:  They  have  a  hyphen 
in  www.securecyberspace.gov.</digression> 

The  report  is  a  fine  example  of  some  very  smart 
people  tackling  an  enormously  complex  problem  in 
a  hugely  political  context. 

The  recommendations  of  the  report  are  predict¬ 
able,  ponderous  and  mired  in  bureaucratic  thinking. 
For  example,  from  page  three  under  Case  for  Action 
—  Key  Themes: “The  nation’s  economy  is  increasing¬ 
ly  dependent  on  cyberspace;  this  has  introduced 
unknown  interdependencies  and  single  points  of 
failure.”The  report  has  no  comment  on  how  the 
problems  of  unknown  interdependencies  and  single 
points  of  failure  should  be  addressed. 

Task  forces  for  this,  committees  for  that,  but  nothing 
concrete.The  result  is  more  soapboxing  than  action. 
And  we  can  draw  several  conclusions  from  this. 

First,  without  laws  that  impose  legal  obligations  on 
network  and  computer  owners,  all  that  the  “plan" 
can  offer  are  best  practices. 

Second,  when  it  comes  to  computers  and  network¬ 
ing,  best  practices  quickly  become  obsolete,  and  are 
only  very  generally  applicable. 

Third,  whether  a  best  practice  actually  can  be  fol¬ 
lowed  depends  on  the  situation. 

Fourth,  from  conclusions  two  and  three,  we  can 
deduce  that  any  person  or  organization  that  fails  to 


implement  a  best  practice  can  usually  claim  extenu¬ 
ating  circumstances. 

What  we  have  at  work  here  are  a  number  of  com¬ 
peting  factors  that  make  for  an  intractable  problem: 
We  can’t  legislate  because  network  security  is  too 
complex  to  frame  meaningful  laws  about  and, even 
if  we  could,  it  is  too  politically  charged  to  do  so  (the 
gods  be  praised). 

And  we  can’t  leave  the  problem  to  be  solved 
through  corporate  belief  in  community  responsibili¬ 
ty  or  enlightened  self-interest  because  we  don’t  be¬ 
lieve  such  things  generally  exist  in  corporate  circles. 

And  just  consider  that,  as  all  this  infrastructure  pro¬ 
tection  talk  is  going  on,  we  still  have  that  lunatic, 
California  Congressman  Howard  Berman,  who  I 
wrote  about  some  weeks  ago  (DocFinder  2345) 
sponsoring  legislation  so  that  big  business  (for 
example,  the  Big  5  record  companies)  can  go  and 
hack  suspected  copyright  pirates  with  impunity! 

The  scale  of  the  problem  is  way  beyond  our  ability 
to  understand  it  (I  banged  on  about  complexity  a 
couple  of  weeks  ago  —  see  DocFinder:  2346). 

The  government  needs  to  get  its  own  house  in 
order  and  leave  the  private  sector  to  do  what  it  does 
best  —  look  out  for  its  own  interests. 

Of  course,  /  do  have  a  cold  so  my  gloom  might  be 
unwarranted.  Cheer  me  up  at  backspin@gibbs.com. 


uzz  News,  insights,  opinions  and  oddities 


By  Paul  McNamara 

Whois  may  become  a  Whowas 

The  Whois  directory  might  be  riddled  with  falsified 
contact  information  provided  by  irresponsible  domain 
name  owners  who  prefer  to  remain  unreachable,  but 
at  least  the  listing  is  still  a  useful  tool  for  easily  and 
quickly  making  contact  with  the  vast  majority  of  Web 
site  operators. 

That  might  change  soon,  and  not  for  the  better. 

Upstart  domain  registrar  Go  Daddy  Software  last  week  announced  the  launch  of 
a  sister  company  called  Domains  by  Proxy  that  will  offer  Web  site  operators  who 
crave  anonymity  an  alternative  to  fictionalizing  their  Whois  information.  Go  Daddy 
President  Bob  Parsons  says  he  believes  that  10%  of  his  company's  1  million-plus 
domain  name  registrants  eventually  will  choose  the  privacy  service  and  that  such 
services  will  quickly  become  commonplace  across  the  industry. 

Unfortunately,  he  might  be  right,  especially  because  the  organization  charged  with 
policing  Whois  compliance  —  the  Internet  Corporation  for  Assigned  Names  and 
Numbers  (ICANN)  —  apparently  sees  no  problem  with  the  directory  evolving  from  a 
relatively  reliable  source  of  ready  contact  information  into  a  morass  of  privacy 
shields  An  ICANN  spokeswoman  last  week  said  the  organization  sees  no  problem 
v.-'h  Domains  by  Proxy  at  first  blush,  but  will  be  examining  the  details  more  closely. 

Here's  how  Domains  by  Proxy  works: 

A  customer  wishing  to  register  a  domain  name  without  making  public  his  personal 
'  i  -met  information  —  or  lying  about  same  —  pays  Domains  by  Proxy  a  $6  yearly 
n-e  ov  •  and  above  the  $8.95  that  Go  Daddy  normally  charges  to  register  a  name. 

Domains  by  Proxy  becomes  the  legal  owner  of  the  customer’s  domain  name  and 
pi  ovides  fs  own  contact  information  to  Whois,  thus  shielding  the  customer  from 
having  to  do  so.  Domains  by  Proxy  then  conveys  to  the  customer  all  the  rights  asso¬ 


ciated  with  ownership,  including  the  right  to  sell,  transfer,  renew  or  cancel  the  name. 

The  service  includes  e-mail  notification  options  that  let  a  Domains  by  Proxy  cus¬ 
tomer  receive  messages  from  outsiders  who  want  to  contact  the  actual  site  opera¬ 
tor.  However,  one  of  the  options  is  to  receive  no  such  e-mail. 

Parsons  says  the  service  will  protect  his  customers  and  their  families  from  stalk¬ 
ers,  child  molesters,  identity  thieves  and  spammers.  He  insists  his  company  will 
bend  over  backward  to  assist  law  enforcement  should  anyone  be  tempted  to  use 
this  privacy  protection  for  nefarious  purposes  —  and  they  will  certainly  be  tempted. 
He  also  promises  that  if  spammers  try  to  hide  behind  the  service,  "We'll  be  on  them 
like  ticks  on  a  dog." 

Let’s  presume  he's  sincere.  This  type  of  service  still  spells  big  trouble  for  the  use¬ 
fulness  of  Whois.  Instead  of  quickly  finding  contact  information  for  a  domain  name 
owner  with  whom  you  have  an  issue  and  contacting  that  person  directly,  you'll  be 
forced  to  jump  through  hoops  with  no  promise  of  actually  finding  the  person. 

In  general,  it's  tough  to  argue  against  privacy  protection.  (The  $2  and  change 
Verizon  charges  me  every  month  for  the  privilege  of  keeping  my  telephone  number 
unlisted  might  be  the  best  money  I  spend.) 

However,  there  are  —  or  at  least  should  be  —  obligations  associated  with  staking 
out  a  little  slice  of  the  Internet  for  yourself,  and  the  first  one  ought  to  be  making 
yourself  known  and  readily  available  for  legitimate  inquiries  about  your  site.  That's 
not  asking  too  much. 

As  for  ICANN,  its  apparent  acceptance  of  these  proxy  services  begs  the  question 
of  why  the  organization  recently  came  down  so  forcefully  on  VeriSign  for  its  alleged 
shoddiness  in  maintaining  its  Whois  records. 

There  might  be  a  difference  between  fictitious  contact  information  and  the  prox¬ 
ies,  but  that  difference  will  seem  insignificant  if  large  swaths  of  Whois  become  pop¬ 
ulated  by  a  handful  of  phone  numbers  from  a  handful  of  proxy  service  providers. 

Have  a  comment ?  There’s  nothing  fictitious  about  this  address:  buzz@nww.com. 


If  You  Had  Just  Saved  $120,000 
Your  First  Month,  You'd  Be 
Smirking,  Too. 

When  BlueCross  BlueShield  of  Tennessee 
set  out  to  build  a  SAN,  they  were  looking 
for  far  more  than  just  a  vendor.  They 
were  looking  for  a  partner,  which  is 
precisely  what  they  found  in  McDATA. 
What  we  uniquely  had  to  offer  was  a 
complete  solution  that  encompassed 
hardware,  software,  and  more  importantly, 
long-term  strategic  thinking. 

"It  goes  beyond  McDATA  having  the 
finest  SAN  hardware  and  software 
products  on  the  market;  what  was  key 
was  the  partnership  we  formed. " 

Bob  Venable 

Manager  of  Enterprise  Systems 

HD  BHieCmss  BlueShield 
\?J  of  Tennessee 

The  results  were  even  greater  than 
imagined.  Using  our  SANavigator™ 
software,  BlueCross  BlueShield  of 
Tennessee  saved  an  astonishing  $120,000 
the  first  month  alone.  They  grew  their 
business  by  15%,  at  the  same  time 
improving  their  corporate  efficiency  by 
30%.  And  now  the  firm  is  able  to  manage 
46  terabytes  of  data  and  over  4,000  users 
with  just  four  part-time  administrators. 

Just  like  we  did  for  BlueCross  BlueShield 
of  Tennessee,  McDATA  could  help  you  save 
a  lot  of  green,  too.  So  give  us  a  call  or  visit 
our  website. 

1.800.545.5773 
Www.mcde  a.com/nww 
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If  you  had  BrightStor  ARCserve  Backup,  you  wouldn't  need  this. 

Worried  that  your  current  backup  software  isn't  going  to  be  there  when  you  need  it  most?  It's  time  to  consider  BrightStor” 
ARCserve"  Backup,  the  industry  leader  in  backup  and  data  protection.  Right  now  is  the  best  time  to  make  your  decision  to  change 

with  the  BrightStor  ARCserve  Backup  Competitive  Replacement  Promotion.  For  as  little  as  $495, 
you  can  get  a  complete  suite  of  industry-leading  backup  and  restore  technology.  Or  choose  the 
$995  Deluxe  Package  including  the  Disaster  Recovery  Option,  Open  File  Protection,  Client 
Agents,  24  x  7  Technical  Support,  Upgrade  Protection  and  more  valued  at  up  to  $5,800.  Of 
course,  BrightStor  ARCserve  Backup  isn't  just  a  great  deal.  It's  also  a  great  product.  And  it's  part 
of  the  most  comprehensive  family  of  storage  management  solutions,  backed  by  the  company  that  protects  99%  of  the  Fortune  500." 
Contact  us  today  to  experience  BrightStor  ARCserve  Backup.  And  get  the  peace  of  mind  you  just  can't  get  from  anywhere  else. 

ca.com/arcserve/replace  1-866-480-8903  Promo  Code  1029 


$495  $995 

Complete  Suite  j  Deluxe  Package 

BrightStor  ARCserve  Backup 
Competitive  Replacement  Promotion 


BrightStor  ARCserve"  Backup 


Computer  Associates™ 


Promotional  offer  is  valid  in  the  continental  U  S-  and  Canada  between  June  10,  2002  and  September  X,  2002  User  must  provide  proof  of  preexisting  competitive  storoge  software  to  purchase  promotional  competitive  replacemer 
SKUs  The  above  amounts  are  «n  U.S.  dollars  CA  reserves  the  right  to  alter,  amend,  caned  or  extend  this  promotion  at  any  time,  without  notice.  All  decisions  by  CA  are  final.  \fod  where  prohibited  by  law,  see  website  for  complete  detail 
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